· 5 years ago · Feb 07, 2020, 08:53 AM
1######################################################################################################################################
2=======================================================================================================================================
3Hostname www.auctionit.co.bw ISP Stature-PTY-LTD
4Continent Africa Flag
5BW
6Country Botswana Country Code BW
7Region Gaborone Local time 07 Feb 2020 09:06 CAT
8City Gaborone Postal Code Unknown
9IP Address 154.73.84.17 Latitude -24.644
10 Longitude 25.911
11=======================================================================================================================================
12######################################################################################################################################
13> www.auctionit.co.bw
14Server: 185.93.180.131
15Address: 185.93.180.131#53
16
17Non-authoritative answer:
18Name: www.auctionit.co.bw
19Address: 154.73.84.17
20>
21######################################################################################################################################
22Domain Name: auctionit.co.bw
23Registry Domain ID: 4977-bwnic
24Registry WHOIS Server:: whois.nic.net.bw
25Updated Date: 2019-11-12T07:30:43.987Z
26Creation Date: 2012-11-12T22:00:00.0Z
27Registry Expiry Date: 2020-12-20T05:00:00.0Z
28Registrar Registration Expiration Date: 2020-12-20T05:00:00.0Z
29Registrar: Nashua Connect
30Domain Status: ok https://icann.org/epp#ok
31Registry Registrant ID: brouQ-Q2CNT
32Registrant Name: Desby Ludick
33Registrant Organization: AUCTION IT
34Registrant Street: Plot 28900 Gwest ind
35Registrant City: Gaborone
36Registrant State/Province: Gaborone
37Registrant Postal Code: 00267
38Registrant Country: BW
39Registrant Phone: +39.18724
40Registrant Email: desbyATauctionit.co.bw
41Registry Admin ID: p6Bqv-rXAuw
42Admin Name: Christo Rademeyer
43Admin Organization: wireless@home/BBI
44Admin Street: plot 50362 , unit 1 fairgrounds
45Admin Street: plot 50362 , unit 1 fairgrounds
46Admin Street: plot 50362 , unit 1 fairgrounds
47Admin City: Gaborone
48Admin State/Province: Gaborone
49Admin Postal Code: 00267
50Admin Country: BW
51Admin Phone: +267.3912345
52Admin Phone Ext: 207
53Admin Email: christoATbbi.email
54Registry Tech ID: XFQKE-edhQt
55Tech Name: STEPHEN VILJEON
56Tech Organization: wireless@home/BBI
57Tech Street: plot 50362 , unit 1 fairgrounds
58Tech Street: plot 50362 , unit 1 fairgrounds
59Tech Street: plot 50362 , unit 1 fairgrounds
60Tech City: Gaborone
61Tech State/Province: Gaborone
62Tech Postal Code: 00267
63Tech Country: BW
64Tech Phone: +267.3912345
65Tech Phone Ext: 201
66Tech Fax: +267.3930183
67Tech Fax Ext: 201
68Tech Email: stephATbbi.email
69Registry Billing ID: ZPEcT-ATghC
70Billing Name: Purnima
71Billing Organization: wireless@home/BBI
72Billing Street: plot 50362 , unit 1 fairgrounds
73Billing Street: plot 50362 , unit 1 fairgrounds
74Billing Street: plot 50362 , unit 1 fairgrounds
75Billing City: Gaborone
76Billing State/Province: Gaborone
77Billing Postal Code: 00267
78Billing Country: BW
79Billing Phone: +267.3912345
80Billing Phone Ext: 211
81Billing Fax: +39.30183
82Billing Fax Ext: 201
83Billing Email: adminATbbi.co.bw
84Name Server: ole.nconnect.co.bw
85Name Server: badhi.nconnect.co.bw
86DNSSEC: unsigned
87######################################################################################################################################
88[+] Target : www.auctionit.co.bw
89
90[+] IP Address : 154.73.84.17
91
92[+] Headers :
93
94[+] Server : nginx
95[+] Date : Fri, 07 Feb 2020 07:48:35 GMT
96[+] Content-Type : text/html; charset=UTF-8
97[+] Content-Length : 7703
98[+] Connection : keep-alive
99[+] Keep-Alive : timeout=60
100[+] Set-Cookie : PHPSESSID=4b8b9qgj1g1l74lv13r7a06au6; path=/
101[+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
102[+] Cache-Control : no-store, no-cache, must-revalidate
103[+] Pragma : no-cache
104[+] Link : <http://www.auctionit.co.bw/wp-json/>; rel="https://api.w.org/", <http://www.auctionit.co.bw/>; rel=shortlink
105[+] X-TEC-API-VERSION : v1
106[+] X-TEC-API-ROOT : http://www.auctionit.co.bw/wp-json/tribe/events/v1/
107[+] X-TEC-API-ORIGIN : http://www.auctionit.co.bw
108[+] X-UA-Compatible : IE=edge
109[+] Vary : Accept-Encoding
110[+] Content-Encoding : gzip
111
112[+] SSL Certificate Information :
113
114[-] SSL is not Present on Target URL...Skipping...
115
116[+] Whois Lookup :
117
118[-] Error : ASN registry lookup failed. Permutations not allowed.
119
120[+] Crawling Target...
121
122[+] Looking for robots.txt........[ Found ]
123[+] Extracting robots Links.......[ 13 ]
124[+] Looking for sitemap.xml.......[ Not Found ]
125[+] Extracting CSS Links..........[ 12 ]
126[+] Extracting Javascript Links...[ 10 ]
127[+] Extracting Internal Links.....[ 13 ]
128[+] Extracting External Links.....[ 1 ]
129[+] Extracting Images.............[ 7 ]
130
131[+] Total Links Extracted : 56
132
133[+] Dumping Links in /opt/FinalRecon/dumps/www.auctionit.co.bw.dump
134[+] Completed!
135######################################################################################################################################
136[i] Scanning Site: http://www.auctionit.co.bw
137
138
139
140B A S I C I N F O
141====================
142
143
144[+] Site Title: Auction It
145[+] IP address: 154.73.84.17
146[+] Web Server: nginx
147[+] CMS: WordPress
148[+] Cloudflare: Not Detected
149[+] Robots File: Found
150
151-------------[ contents ]----------------
152# vestacp autogenerated robots.txt
153User-agent: *
154Crawl-delay: 10
155Disallow: /calendar/action~posterboard/
156Disallow: /calendar/action~agenda/
157Disallow: /calendar/action~oneday/
158Disallow: /calendar/action~month/
159Disallow: /calendar/action~week/
160Disallow: /calendar/action~stream/
161Disallow: /calendar/action~undefined/
162Disallow: /calendar/action~http:/
163Disallow: /calendar/action~default/
164Disallow: /calendar/action~poster/
165Disallow: /calendar/action~*/
166Disallow: /*controller=ai1ec_exporter_controller*
167Disallow: /*/action~*/
168-----------[end of contents]-------------
169
170
171
172W H O I S L O O K U P
173========================
174
175 Domain Name: auctionit.co.bw
176Registry Domain ID: 4977-bwnic
177Registry WHOIS Server:: whois.nic.net.bw
178Updated Date: 2019-11-12T07:30:43.987Z
179Creation Date: 2012-11-12T22:00:00.0Z
180Registry Expiry Date: 2020-12-20T05:00:00.0Z
181Registrar Registration Expiration Date: 2020-12-20T05:00:00.0Z
182Registrar: Nashua Connect
183Domain Status: ok https://icann.org/epp#ok
184Registry Registrant ID: 3wKE6-jGJXg
185Registrant Name: Desby Ludick
186Registrant Organization: AUCTION IT
187Registrant Street: Plot 28900 Gwest ind
188Registrant City: Gaborone
189Registrant State/Province: Gaborone
190Registrant Postal Code: 00267
191Registrant Country: BW
192Registrant Phone: +39.18724
193Registrant Email: desbyATauctionit.co.bw
194Registry Admin ID: FrVKQ-4nmAi
195Admin Name: Christo Rademeyer
196Admin Organization: wireless@home/BBI
197Admin Street: plot 50362 , unit 1 fairgrounds
198Admin Street: plot 50362 , unit 1 fairgrounds
199Admin Street: plot 50362 , unit 1 fairgrounds
200Admin City: Gaborone
201Admin State/Province: Gaborone
202Admin Postal Code: 00267
203Admin Country: BW
204Admin Phone: +267.3912345
205Admin Phone Ext: 207
206Admin Email: christoATbbi.email
207Registry Tech ID: dvPAf-M6X3J
208Tech Name: STEPHEN VILJEON
209Tech Organization: wireless@home/BBI
210Tech Street: plot 50362 , unit 1 fairgrounds
211Tech Street: plot 50362 , unit 1 fairgrounds
212Tech Street: plot 50362 , unit 1 fairgrounds
213Tech City: Gaborone
214Tech State/Province: Gaborone
215Tech Postal Code: 00267
216Tech Country: BW
217Tech Phone: +267.3912345
218Tech Phone Ext: 201
219Tech Fax: +267.3930183
220Tech Fax Ext: 201
221Tech Email: stephATbbi.email
222Registry Billing ID: EJZgm-2U9kY
223Billing Name: Purnima
224Billing Organization: wireless@home/BBI
225Billing Street: plot 50362 , unit 1 fairgrounds
226Billing Street: plot 50362 , unit 1 fairgrounds
227Billing Street: plot 50362 , unit 1 fairgrounds
228Billing City: Gaborone
229Billing State/Province: Gaborone
230Billing Postal Code: 00267
231Billing Country: BW
232Billing Phone: +267.3912345
233Billing Phone Ext: 211
234Billing Fax: +39.30183
235Billing Fax Ext: 201
236Billing Email: adminATbbi.co.bw
237Name Server: ole.nconnect.co.bw
238Name Server: badhi.nconnect.co.bw
239DNSSEC: unsigned
240>>> Last update of WHOIS database: 2020-02-07T03:11:17.392Z <<<
241
242For more information on Whois status codes, please visit https://icann.org/epp
243
244TERMS OF USE: You are NOT authorized to access or query the Botswana ccTLD WHOIS database through the use of electronic processes that are high-volume and automated. This WHOIS database is provided by as a service to the internet community.
245
246The data is for information purposes only. We do not guarantee its accuracy. By submitting a WHOIS query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this WHOIS data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) compilation, repackaging, dissemination or other use of this Data is expressly prohibited.
247
248
249
250
251G E O I P L O O K U P
252=========================
253
254[i] IP Address: 154.73.84.13
255[i] Country: Botswana
256[i] State:
257[i] City:
258[i] Latitude: -22.0
259[i] Longitude: 24.0
260
261
262
263
264H T T P H E A D E R S
265=======================
266
267
268[i] HTTP/1.1 200 OK
269[i] Server: nginx
270[i] Date: Fri, 07 Feb 2020 07:59:21 GMT
271[i] Content-Type: text/html; charset=UTF-8
272[i] Connection: close
273[i] Set-Cookie: PHPSESSID=s74baar85palom8pbqlv25ra07; path=/
274[i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
275[i] Cache-Control: no-store, no-cache, must-revalidate
276[i] Pragma: no-cache
277[i] Link: <http://www.auctionit.co.bw/wp-json/>; rel="https://api.w.org/"
278[i] Link: <http://www.auctionit.co.bw/>; rel=shortlink
279[i] X-TEC-API-VERSION: v1
280[i] X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
281[i] X-TEC-API-ORIGIN: http://www.auctionit.co.bw
282[i] X-UA-Compatible: IE=edge
283[i] Vary: Accept-Encoding
284
285
286
287
288D N S L O O K U P
289===================
290
291auctionit.co.bw. 21599 IN MX 10 mx.auctionit.co.bw.
292auctionit.co.bw. 21599 IN MX 20 mail.auctionit.co.bw.
293auctionit.co.bw. 21599 IN SOA ole.nconnect.co.bw. johh.ncbw.co.bw. 2019051501 10800 3600 2419200 86400
294auctionit.co.bw. 21599 IN NS badhi.nconnect.co.bw.
295auctionit.co.bw. 21599 IN NS ole.nconnect.co.bw.
296auctionit.co.bw. 21599 IN TXT "v=spf1 a: mx ip4:154.73.84.9 a:mailgw.ncbw.co.bw -all"
297auctionit.co.bw. 21599 IN A 154.73.84.13
298
299
300
301
302S U B N E T C A L C U L A T I O N
303====================================
304
305Address = 154.73.84.13
306Network = 154.73.84.13 / 32
307Netmask = 255.255.255.255
308Broadcast = not needed on Point-to-Point links
309Wildcard Mask = 0.0.0.0
310Hosts Bits = 0
311Max. Hosts = 1 (2^0 - 0)
312Host Range = { 154.73.84.13 - 154.73.84.13 }
313
314
315
316N M A P P O R T S C A N
317============================
318
319Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-07 07:59 UTC
320Nmap scan report for auctionit.co.bw (154.73.84.13)
321Host is up (0.26s latency).
322
323PORT STATE SERVICE
32421/tcp filtered ftp
32522/tcp open ssh
32623/tcp filtered telnet
32780/tcp filtered http
328110/tcp filtered pop3
329143/tcp filtered imap
330443/tcp closed https
3313389/tcp filtered ms-wbt-server
332
333Nmap done: 1 IP address (1 host up) scanned in 9.26 seconds
334
335
336
337S U B - D O M A I N F I N D E R
338==================================
339
340
341[i] Total Subdomains Found : 3
342
343[+] Subdomain: mail.auctionit.co.bw
344[-] IP: 154.73.84.10
345
346[+] Subdomain: www.auctionit.co.bw
347[-] IP: 154.73.84.17
348
349[+] Subdomain: mx.auctionit.co.bw
350[-] IP: 154.73.84.9
351######################################################################################################################################
352[+] Starting At 2020-02-07 02:59:49.748643
353[+] Collecting Information On: http://www.auctionit.co.bw/
354[#] Status: 200
355--------------------------------------------------
356[#] Web Server Detected: nginx
357[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
358- Server: nginx
359- Date: Fri, 07 Feb 2020 07:59:39 GMT
360- Content-Type: text/html; charset=UTF-8
361- Content-Length: 7703
362- Connection: keep-alive
363- Keep-Alive: timeout=60
364- Set-Cookie: PHPSESSID=t9df49vasfsdknia34htakt682; path=/
365- Expires: Thu, 19 Nov 1981 08:52:00 GMT
366- Cache-Control: no-store, no-cache, must-revalidate
367- Pragma: no-cache
368- Link: <http://www.auctionit.co.bw/wp-json/>; rel="https://api.w.org/", <http://www.auctionit.co.bw/>; rel=shortlink
369- X-TEC-API-VERSION: v1
370- X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
371- X-TEC-API-ORIGIN: http://www.auctionit.co.bw
372- X-UA-Compatible: IE=edge
373- Vary: Accept-Encoding
374- Content-Encoding: gzip
375--------------------------------------------------
376[#] Finding Location..!
377[#] status: success
378[#] country: Botswana
379[#] countryCode: BW
380[#] region: GA
381[#] regionName: Gaborone
382[#] city: Gaborone
383[#] zip:
384[#] lat: -24.6437
385[#] lon: 25.9112
386[#] timezone: Africa/Gaborone
387[#] isp: Stature NCBW-Networks
388[#] org:
389[#] as: AS327776 STATURE (PTY) LTD
390[#] query: 154.73.84.13
391--------------------------------------------------
392[x] Didn't Detect WAF Presence on: http://www.auctionit.co.bw/
393--------------------------------------------------
394[#] Starting Reverse DNS
395[-] Failed ! Fail
396--------------------------------------------------
397[!] Scanning Open Port
398[#] 22/tcp open ssh
399[#] 53/tcp open domain
400--------------------------------------------------
401[+] Getting SSL Info
402[Errno 111] Connection refused
403--------------------------------------------------
404[+] Collecting Information Disclosure!
405[#] Detecting sitemap.xml file
406[-] sitemap.xml file not Found!?
407[#] Detecting robots.txt file
408[!] robots.txt File Found: http://www.auctionit.co.bw//robots.txt
409[#] Detecting GNU Mailman
410[-] GNU Mailman App Not Detected!?
411--------------------------------------------------
412[+] Crawling Url Parameter On: http://www.auctionit.co.bw/
413--------------------------------------------------
414[#] Searching Html Form !
415[+] Html Form Discovered
416[#] action: None
417[#] class: ['footer-newsletter']
418[#] id: mailinglist-form
419[#] method: post
420--------------------------------------------------
421[!] Found 1 dom parameter
422[#] http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fwww.auctionit.co.bw%2F&format=xml
423--------------------------------------------------
424[!] 4 Internal Dynamic Parameter Discovered
425[+] http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fwww.auctionit.co.bw%2F
426[+] http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fwww.auctionit.co.bw%2F&format=xml
427[+] http://www.auctionit.co.bw/wp-login.php?action=register
428[+] http://www.auctionit.co.bw/wp-login.php?action=login
429--------------------------------------------------
430[-] No external Dynamic Paramter Found!?
431--------------------------------------------------
432[!] 26 Internal links Discovered
433[+] http://www.auctionit.co.bw/
434[+] http://www.auctionit.co.bw/wp-json/tribe/events/v1/
435[+] http://www.auctionit.co.bw/wp-login.php
436[+] http://www.auctionit.co.bw/
437[+] http://www.auctionit.co.bw/wp-login.php
438[+] http://www.auctionit.co.bw/
439[+] http://www.auctionit.co.bw/auctions/
440[+] http://www.auctionit.co.bw/add-listing/
441[+] http://www.auctionit.co.bw/events/
442[+] http://www.auctionit.co.bw/about-us/
443[+] http://www.auctionit.co.bw/contact/
444[+] http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-8/
445[+] http://www.auctionit.co.bw//" title=
446[+] http://www.auctionit.co.bw//" title=
447[+] http://www.auctionit.co.bw//" title=
448[+] http://www.auctionit.co.bw/my-account/
449[+] http://www.auctionit.co.bw/blog/
450[+] http://www.auctionit.co.bw/about-us/
451[+] http://www.auctionit.co.bw/contact/
452[+] http://www.auctionit.co.bw/
453[+] http://www.auctionit.co.bw/auctions/
454[+] http://www.auctionit.co.bw/add-listing/
455[+] http://www.auctionit.co.bw/events/
456[+] http://www.auctionit.co.bw/about-us/
457[+] http://www.auctionit.co.bw/contact/
458[+] http://www.auctionit.co.bw/wp-content/themes/AT9/framework/new_css/css.font-awesome.css
459--------------------------------------------------
460[!] 1 External links Discovered
461[#] https://www.facebook.com/auctionitbots/
462--------------------------------------------------
463[#] Mapping Subdomain..
464[-] No Any Subdomain Found
465[!] Found 0 Subdomain
466--------------------------------------------------
467[!] Done At 2020-02-07 03:02:59.267628
468######################################################################################################################################
469Trying "auctionit.co.bw"
470;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24403
471;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 2
472
473;; QUESTION SECTION:
474;auctionit.co.bw. IN ANY
475
476;; ANSWER SECTION:
477auctionit.co.bw. 43200 IN TXT "v=spf1 a: mx ip4:154.73.84.9 a:mailgw.ncbw.co.bw -all"
478auctionit.co.bw. 43200 IN MX 20 mail.auctionit.co.bw.
479auctionit.co.bw. 43200 IN MX 10 mx.auctionit.co.bw.
480auctionit.co.bw. 43200 IN A 154.73.84.13
481auctionit.co.bw. 43200 IN SOA ole.nconnect.co.bw. johh.ncbw.co.bw. 2019051501 10800 3600 2419200 86400
482auctionit.co.bw. 3600 IN NS badhi.nconnect.co.bw.
483auctionit.co.bw. 3600 IN NS ole.nconnect.co.bw.
484
485;; ADDITIONAL SECTION:
486badhi.nconnect.co.bw. 3291 IN A 139.162.148.228
487ole.nconnect.co.bw. 3291 IN A 154.73.84.13
488
489Received 282 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 419 ms
490######################################################################################################################################
491; <<>> DiG 9.11.14-3-Debian <<>> +trace auctionit.co.bw any
492;; global options: +cmd
493. 83745 IN NS j.root-servers.net.
494. 83745 IN NS b.root-servers.net.
495. 83745 IN NS d.root-servers.net.
496. 83745 IN NS c.root-servers.net.
497. 83745 IN NS e.root-servers.net.
498. 83745 IN NS m.root-servers.net.
499. 83745 IN NS h.root-servers.net.
500. 83745 IN NS a.root-servers.net.
501. 83745 IN NS i.root-servers.net.
502. 83745 IN NS l.root-servers.net.
503. 83745 IN NS k.root-servers.net.
504. 83745 IN NS f.root-servers.net.
505. 83745 IN NS g.root-servers.net.
506. 83745 IN RRSIG NS 8 0 518400 20200220050000 20200207040000 33853 . RyXMAWX16DVcDHO5NmFT3hLbyih5Pyn6hAORrNRLD5A3Jaoj91ll+3IW R1UPNDw7Y6YaC/H3eETAl4ZiN4ROkhMt8tW3UJW319EE0HU7iATntMq4 6TRnercwnY4nbti+Cu8nU4PzydvjKYKiZ1ZZaK7v0HAFxG6fg/X/HVrO 1kVFDa58xA9NkAp8VkERMVnGQNrGle/B8A2fQJ+2hsAovjF5dVsn2GdV k0YbPQwwnApDPaTt4EsyLj1Kbmg1vW9SywEcb6GRU1qL8Tfnz/A8HE6C hr0cdM+FEWmhdxeOzjCwdORCGl3UewnieJCojyuVCLdsxsUW11HBCp2f m3NVMg==
507;; Received 525 bytes from 38.132.106.139#53(38.132.106.139) in 91 ms
508
509bw. 172800 IN NS dns2.nic.net.bw.
510bw. 172800 IN NS dns1.nic.net.bw.
511bw. 172800 IN NS master.btc.net.bw.
512bw. 172800 IN NS ns-bw.afrinic.net.
513bw. 172800 IN NS pch.nic.net.bw.
514bw. 86400 IN DS 18880 8 2 56B561D20EE04927D24D8A7591C58A22A42E0A18202B4DEED03CAA5B 66D4DD42
515bw. 86400 IN DS 18880 8 1 A948AFF07700C9F18AD356C5159B64CB65A0C487
516bw. 86400 IN RRSIG DS 8 1 86400 20200220050000 20200207040000 33853 . ygYZ9kR2kYC7a6/cgYMLwW04Ssy3X/tayUQa6GZz2hYXSxzi19cQa+De kDacV4Wl2tdMwpa4IP7sXEnv1MZQq8kLkwbM3aWHAdRtNbAUu1CgEYCj ORprLdpML63hdUTAxW89d38B+GOFV5kPt/L9EsXPF0DjXCLd2uodQEja J5BChn1kDUUiJ/5smRLejOyK6kmZjfLLe270uPt+7EdQD4YqMbOn7JcN EKXmtulMxfu13VhmEcrkrQK0ugFDtUeL+B3dxZCIUJtB4liMunNBhMo0 FchVM2c/9DOhuj2V5iEnyLOhATjv2btUlEVFUYRW/uaqI4Av3zSojsRx T52c/A==
517;; Received 811 bytes from 192.112.36.4#53(g.root-servers.net) in 167 ms
518
519auctionit.co.bw. 3600 IN NS badhi.nconnect.co.bw.
520auctionit.co.bw. 3600 IN NS ole.nconnect.co.bw.
521;; Received 123 bytes from 168.167.98.226#53(dns1.nic.net.bw) in 428 ms
522
523auctionit.co.bw. 86400 IN SOA ole.nconnect.co.bw. johh.ncbw.co.bw. 2019051501 10800 3600 2419200 86400
524auctionit.co.bw. 86400 IN NS ole.nconnect.co.bw.
525auctionit.co.bw. 86400 IN NS badhi.nconnect.co.bw.
526auctionit.co.bw. 86400 IN A 154.73.84.13
527auctionit.co.bw. 86400 IN MX 20 mail.auctionit.co.bw.
528auctionit.co.bw. 86400 IN MX 10 mx.auctionit.co.bw.
529auctionit.co.bw. 86400 IN TXT "v=spf1 a: mx ip4:154.73.84.9 a:mailgw.ncbw.co.bw -all"
530;; Received 325 bytes from 139.162.148.228#53(badhi.nconnect.co.bw) in 239 ms
531######################################################################################################################################
532[*] Processing domain auctionit.co.bw
533[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
534[+] Getting nameservers
535139.162.148.228 - badhi.nconnect.co.bw
536154.73.84.13 - ole.nconnect.co.bw
537[-] Zone transfer failed
538
539[+] TXT records found
540"v=spf1 a: mx ip4:154.73.84.9 a:mailgw.ncbw.co.bw -all"
541
542[+] MX records found, added to target list
54310 mx.auctionit.co.bw.
54420 mail.auctionit.co.bw.
545
546[*] Scanning auctionit.co.bw for A records
547154.73.84.13 - auctionit.co.bw
548154.73.84.10 - mail.auctionit.co.bw
549154.73.84.9 - mx.auctionit.co.bw
550154.73.84.17 - www.auctionit.co.bw
551######################################################################################################################################
552Parsero scan report for www.auctionit.co.bw
553http://www.auctionit.co.bw/calendar/action~posterboard/ 404 Not Found
554http://www.auctionit.co.bw/*controller=ai1ec_exporter_controller* 404 Not Found
555http://www.auctionit.co.bw/calendar/action~agenda/ 404 Not Found
556http://www.auctionit.co.bw/calendar/action~*/ 404 Not Found
557http://www.auctionit.co.bw/calendar/action~month/ 404 Not Found
558http://www.auctionit.co.bw/calendar/action~oneday/ 404 Not Found
559http://www.auctionit.co.bw/calendar/action~poster/ 404 Not Found
560http://www.auctionit.co.bw/*/action~*/ 404 Not Found
561http://www.auctionit.co.bw/calendar/action~week/ 404 Not Found
562http://www.auctionit.co.bw/calendar/action~default/ 404 Not Found
563http://www.auctionit.co.bw/calendar/action~stream/ 404 Not Found
564http://www.auctionit.co.bw/calendar/action~http:/ 404 Not Found
565http://www.auctionit.co.bw/calendar/action~undefined/ 404 Not Found
566
567[+] 13 links have been analyzed but any them are available...
568#######################################################################################################################################
569Domains still to check: 1
570 Checking if the hostname auctionit.co.bw. given is in fact a domain...
571
572Analyzing domain: auctionit.co.bw.
573 Checking NameServers using system default resolver...
574 IP: 139.162.148.228 (Germany)
575 HostName: badhi.nconnect.co.bw Type: NS
576 HostName: badhi.nconnect.co.bw Type: PTR
577 IP: 154.73.84.13 (Botswana)
578 HostName: ole.nconnect.co.bw Type: NS
579
580 Checking MailServers using system default resolver...
581 IP: 154.73.84.9 (Botswana)
582 HostName: mx.auctionit.co.bw Type: MX
583 HostName: mailgw.ncbw.co.bw Type: PTR
584 IP: 154.73.84.10 (Botswana)
585 HostName: mail.auctionit.co.bw Type: MX
586 HostName: mail.warcon.co.bw Type: PTR
587
588 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
589 No zone transfer found on nameserver 139.162.148.228
590 No zone transfer found on nameserver 154.73.84.13
591
592 Checking SPF record...
593 New hostname found:
594 New hostname found: mailgw
595
596 Checking 194 most common hostnames using system default resolver...
597 IP: 154.73.84.17 (Botswana)
598 HostName: www.auctionit.co.bw. Type: A
599 IP: 154.73.84.10 (Botswana)
600 HostName: mail.auctionit.co.bw Type: MX
601 HostName: mail.warcon.co.bw Type: PTR
602 HostName: mail.auctionit.co.bw. Type: A
603 IP: 154.73.84.9 (Botswana)
604 HostName: mx.auctionit.co.bw Type: MX
605 HostName: mailgw.ncbw.co.bw Type: PTR
606 Type: SPF
607 HostName: mx.auctionit.co.bw. Type: A
608
609 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
610 Checking netblock 139.162.148.0
611 Checking netblock 154.73.84.0
612
613 Searching for auctionit.co.bw. emails in Google
614
615 Checking 5 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
616 Host 139.162.148.228 is up (reset ttl 64)
617 Host 154.73.84.10 is up (reset ttl 64)
618 Host 154.73.84.13 is up (reset ttl 64)
619 Host 154.73.84.9 is up (reset ttl 64)
620 Host 154.73.84.17 is up (reset ttl 64)
621
622 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
623 Scanning ip 139.162.148.228 (badhi.nconnect.co.bw (PTR)):
624 22/tcp open ssh syn-ack ttl 52 OpenSSH 5.3 (protocol 2.0)
625 | ssh-hostkey:
626 | 1024 ce:47:7b:71:d2:c8:a4:69:4e:5e:55:af:64:c4:8e:69 (DSA)
627 |_ 2048 09:c0:87:04:af:d6:a5:fd:c4:92:fb:85:02:fb:8f:ed (RSA)
628 | vulners:
629 | cpe:/a:openbsd:openssh:5.3:
630 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
631 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
632 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
633 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
634 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
635 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
636 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
637 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
638 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
639 53/tcp open domain syn-ack ttl 51 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
640 | dns-nsid:
641 |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
642 80/tcp open http syn-ack ttl 51 nginx
643 |_http-favicon: Unknown favicon MD5: D2F16C48FE6205DC350618885DAEDAC7
644 | http-methods:
645 |_ Supported Methods: GET HEAD POST OPTIONS
646 |_http-title: Did not follow redirect to https://139.162.148.228/
647 Device type: general purpose|storage-misc|media device|WAP
648 Running (JUST GUESSING): Linux 2.6.X|3.X (92%), HP embedded (85%), Infomir embedded (85%), Ubiquiti embedded (85%), Ubiquiti AirOS 5.X (85%)
649 OS Info: Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
650 Scanning ip 154.73.84.10 (mail.auctionit.co.bw.):
651 22/tcp open ssh syn-ack ttl 47 OpenSSH 5.3 (protocol 2.0)
652 | ssh-hostkey:
653 | 1024 e1:f1:e0:f3:3e:2a:17:7e:00:d7:6d:00:dd:e6:76:3a (DSA)
654 |_ 2048 b8:b1:4e:25:15:5e:bb:65:84:83:0f:35:0b:c8:1e:2c (RSA)
655 | vulners:
656 | cpe:/a:openbsd:openssh:5.3:
657 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
658 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
659 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
660 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
661 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
662 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
663 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
664 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
665 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
666 80/tcp open http syn-ack ttl 47 Surgemail webmail (DNews based)
667 |_http-generator: Mozilla/4.75 [en] (Windows NT 5.0; U) [Netscape]
668 | http-methods:
669 |_ Supported Methods: GET HEAD POST OPTIONS
670 |_http-server-header: DManager
671 |_http-title: SurgeMail Welcome Page
672 110/tcp open pop3 syn-ack ttl 47 SurgeMail pop3d 7.3e2-2
673 |_pop3-capabilities: UIDL USER SURGEMAIL TOP STLS
674 | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
675 | Subject Alternative Name: DNS:mail.nconnect.co.bw
676 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
677 | Public Key type: rsa
678 | Public Key bits: 2048
679 | Signature Algorithm: sha256WithRSAEncryption
680 | Not valid before: 2019-06-04T00:00:00
681 | Not valid after: 2020-06-17T12:00:00
682 | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
683 |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
684 |_ssl-date: TLS randomness does not represent time
685 143/tcp open imap? syn-ack ttl 47
686 | fingerprint-strings:
687 | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, NULL, RPCCheck, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServerCookie, X11Probe:
688 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
689 | GenericLines:
690 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
691 | command line Insufficient tokens ()
692 | command line Insufficient tokens ()
693 | GetRequest:
694 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
695 | Invalid command (/)
696 | command line Insufficient tokens ()
697 | HTTPOptions, RTSPRequest:
698 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
699 | OPTIONS BAD Invalid command (/)
700 | command line Insufficient tokens ()
701 | Help:
702 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
703 |_ command line Insufficient tokens (HELP)
704 |_imap-capabilities: IDLE SURGEMAIL UIDPLUS IMAP4REV1 Capability completed QUOTA OK STARTTLSA0001 SORT NAMESPACE IMAP4
705 465/tcp open ssl/smtp syn-ack ttl 47 Surgemail smtpd 7.3e2-2
706 | smtp-commands: nconnect.co.bw. Hello nmap.scanme.org (104.245.144.139), AUTH LOGIN PLAIN, DSN, ETRN, X-ID 6d61696c2e6e636f6e6e6563742e636f2e62772d373037323938373538, SIZE 50000000, HELP,
707 |_ ESMTP Mail Server
708 | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
709 | Subject Alternative Name: DNS:mail.nconnect.co.bw
710 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
711 | Public Key type: rsa
712 | Public Key bits: 2048
713 | Signature Algorithm: sha256WithRSAEncryption
714 | Not valid before: 2019-06-04T00:00:00
715 | Not valid after: 2020-06-17T12:00:00
716 | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
717 |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
718 |_ssl-date: TLS randomness does not represent time
719 587/tcp open smtp syn-ack ttl 47 Surgemail smtpd 7.3e2-2
720 | smtp-commands: nconnect.co.bw. Hello nmap.scanme.org (104.245.144.139), AUTH LOGIN PLAIN, DSN, ETRN, STARTTLS, X-ID 6d61696c2e6e636f6e6e6563742e636f2e62772d373037323938373538, SIZE 50000000, HELP,
721 |_ ESMTP Mail Server
722 | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
723 | Subject Alternative Name: DNS:mail.nconnect.co.bw
724 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
725 | Public Key type: rsa
726 | Public Key bits: 2048
727 | Signature Algorithm: sha256WithRSAEncryption
728 | Not valid before: 2019-06-04T00:00:00
729 | Not valid after: 2020-06-17T12:00:00
730 | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
731 |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
732 |_ssl-date: TLS randomness does not represent time
733 993/tcp open ssl/imaps? syn-ack ttl 47
734 | fingerprint-strings:
735 | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, NULL, RPCCheck, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServerCookie, X11Probe:
736 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
737 | GenericLines:
738 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
739 | command line Insufficient tokens ()
740 | command line Insufficient tokens ()
741 | GetRequest:
742 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
743 | Invalid command (/)
744 | command line Insufficient tokens ()
745 | HTTPOptions, RTSPRequest:
746 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
747 | OPTIONS BAD Invalid command (/)
748 | command line Insufficient tokens ()
749 | Help:
750 | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
751 |_ command line Insufficient tokens (HELP)
752 | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
753 | Subject Alternative Name: DNS:mail.nconnect.co.bw
754 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
755 | Public Key type: rsa
756 | Public Key bits: 2048
757 | Signature Algorithm: sha256WithRSAEncryption
758 | Not valid before: 2019-06-04T00:00:00
759 | Not valid after: 2020-06-17T12:00:00
760 | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
761 |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
762 |_ssl-date: TLS randomness does not represent time
763 995/tcp open ssl/pop3 syn-ack ttl 47 SurgeMail pop3d 7.3e2-2
764 | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
765 | Subject Alternative Name: DNS:mail.nconnect.co.bw
766 | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
767 | Public Key type: rsa
768 | Public Key bits: 2048
769 | Signature Algorithm: sha256WithRSAEncryption
770 | Not valid before: 2019-06-04T00:00:00
771 | Not valid after: 2020-06-17T12:00:00
772 | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
773 |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
774 |_ssl-date: TLS randomness does not represent time
775 OS Info: Service Info: Host: nconnect.co.bw
776 Scanning ip 154.73.84.13 (ole.nconnect.co.bw):
777 22/tcp open ssh syn-ack ttl 47 OpenSSH 5.3 (protocol 2.0)
778 | ssh-hostkey:
779 | 1024 35:ca:cf:1e:b6:fe:32:5a:f5:1b:d0:37:9c:35:8d:0a (DSA)
780 |_ 2048 4c:e5:f9:99:d1:8e:fd:d5:5e:3c:ab:45:36:dd:18:d9 (RSA)
781 | vulners:
782 | cpe:/a:openbsd:openssh:5.3:
783 | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
784 | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
785 | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
786 | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
787 | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
788 | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
789 | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
790 | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
791 |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
792 53/tcp open domain syn-ack ttl 47 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
793 | dns-nsid:
794 |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
795 OS Info: Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
796 Scanning ip 154.73.84.9 (mx.auctionit.co.bw.):
797 26/tcp open smtp syn-ack ttl 47 Postfix smtpd
798 |_smtp-commands: mailgw.ncbw.co.bw, PIPELINING, SIZE 104857600, VRFY, ETRN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, SMTPUTF8,
799 Scanning ip 154.73.84.17 (www.auctionit.co.bw.):
800 21/tcp open ftp syn-ack ttl 47 vsftpd 3.0.3
801 80/tcp open http syn-ack ttl 47 nginx
802 | http-methods:
803 | Supported Methods: GET HEAD POST OPTIONS TRACE
804 |_ Potentially risky methods: TRACE
805 |_http-title: webserver1.ncbw.co.bw — Coming Soon
806 3306/tcp open mysql syn-ack ttl 47 MySQL 5.7.27-0ubuntu0.16.04.1
807 | mysql-info:
808 | Protocol: 10
809 | Version: 5.7.27-0ubuntu0.16.04.1
810 | Thread ID: 2458
811 | Capabilities flags: 63487
812 | Some Capabilities: SupportsCompression, ODBCClient, Speaks41ProtocolOld, SupportsTransactions, Support41Auth, LongColumnFlag, SupportsLoadDataLocal, IgnoreSigpipes, FoundRows, InteractiveClient, LongPassword, DontAllowDatabaseTableColumn, IgnoreSpaceBeforeParenthesis, Speaks41ProtocolNew, ConnectWithDatabase, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments
813 | Status: Autocommit
814 | Salt: :fjKPmck)q\x03p]|%:
815 | j\x0Bz
816 |_ Auth Plugin Name: mysql_native_password
817 | vulners:
818 | MySQL 5.7.27-0ubuntu0.16.04.1:
819 |_ NODEJS:602 0.0 https://vulners.com/nodejs/NODEJS:602
820 Device type: general purpose|storage-misc|broadband router|WAP
821 Running (JUST GUESSING): Linux 3.X|4.X|2.6.X|2.4.X (93%), HP embedded (91%)
822 OS Info: Service Info: OS: Unix
823 WebCrawling domain's web servers... up to 50 max links.
824
825 + URL to crawl: http://badhi.nconnect.co.bw
826 + Date: 2020-02-07
827
828 + Crawling URL: http://badhi.nconnect.co.bw:
829 + Links:
830 + Crawling http://badhi.nconnect.co.bw ([Errno 111] Connection refused)
831 + Searching for directories...
832 + Searching open folders...
833
834
835 + URL to crawl: http://mail.auctionit.co.bw.
836 + Date: 2020-02-07
837
838 + Crawling URL: http://mail.auctionit.co.bw.:
839 + Links:
840 + Crawling http://mail.auctionit.co.bw.
841 + Crawling http://mail.auctionit.co.bw./about_surgemail.htm
842 + Searching for directories...
843 - Found: http://mail.auctionit.co.bw./web/
844 - Found: http://mail.auctionit.co.bw./web/1642984354/
845 + Searching open folders...
846 - http://mail.auctionit.co.bw./web/ (No Open Folder)
847 - http://mail.auctionit.co.bw./web/1642984354/ (No Open Folder)
848 + Crawl finished successfully.
849----------------------------------------------------------------------
850Summary of http://http://mail.auctionit.co.bw.
851----------------------------------------------------------------------
852+ Links crawled:
853 - http://mail.auctionit.co.bw.
854 - http://mail.auctionit.co.bw./about_surgemail.htm
855 Total links crawled: 2
856
857+ Links to files found:
858 - http://mail.auctionit.co.bw./web/1642984354/surgemail.css
859 - http://mail.auctionit.co.bw./web/1642984354/surgemail.js
860 - http://mail.auctionit.co.bw./web/header_img.jpg
861 - http://mail.auctionit.co.bw./web/pixel_trans.gif
862 Total links to files: 4
863
864+ Externals links found:
865 - http://mail.auctionit.co.bw.:80/cgi/user.cgi
866 - http://mail.auctionit.co.bw.:80/surgeweb
867 - http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgemail
868 - http://netwinsite.com/spf.htm
869 - http://netwinsite.com/surgeftp
870 - http://netwinsite.com/surgemail
871 - http://netwinsite.com/surgemail/betadownloads.htm
872 - http://netwinsite.com/surgemail/help/protected.htm
873 - http://netwinsite.com/surgemail/help/spam.htm
874 - http://netwinsite.com/surgemail/stopspam.htm
875 - http://netwinsite.com/surgetorrent
876 - http://netwinsite.com/surgeweb/help/intro.htm
877 - http://news.netwinsite.com:8119/webnews?group=netwin.surgemail&cmd=list
878 - https://mail.auctionit.co.bw.:7443/cgi/domadmin.cgi
879 - https://mail.auctionit.co.bw.:7443/cgi/user.cgi
880 - https://mail.auctionit.co.bw.:7443/surgeweb
881 Total external links: 16
882
883+ Email addresses found:
884 Total email address found: 0
885
886+ Directories found:
887 - http://mail.auctionit.co.bw./web/ (No open folder)
888 - http://mail.auctionit.co.bw./web/1642984354/ (No open folder)
889 Total directories: 2
890
891+ Directory indexing found:
892 Total directories with indexing: 0
893
894----------------------------------------------------------------------
895
896
897 + URL to crawl: http://mail.auctionit.co.bw
898 + Date: 2020-02-07
899
900 + Crawling URL: http://mail.auctionit.co.bw:
901 + Links:
902 + Crawling http://mail.auctionit.co.bw
903 + Crawling http://mail.auctionit.co.bw/about_surgemail.htm
904 + Searching for directories...
905 - Found: http://mail.auctionit.co.bw/web/
906 - Found: http://mail.auctionit.co.bw/web/1642984354/
907 + Searching open folders...
908 - http://mail.auctionit.co.bw/web/ (No Open Folder)
909 - http://mail.auctionit.co.bw/web/1642984354/ (No Open Folder)
910 + Crawl finished successfully.
911----------------------------------------------------------------------
912Summary of http://http://mail.auctionit.co.bw
913----------------------------------------------------------------------
914+ Links crawled:
915 - http://mail.auctionit.co.bw
916 - http://mail.auctionit.co.bw/about_surgemail.htm
917 Total links crawled: 2
918
919+ Links to files found:
920 - http://mail.auctionit.co.bw/web/1642984354/surgemail.css
921 - http://mail.auctionit.co.bw/web/1642984354/surgemail.js
922 - http://mail.auctionit.co.bw/web/header_img.jpg
923 - http://mail.auctionit.co.bw/web/pixel_trans.gif
924 Total links to files: 4
925
926+ Externals links found:
927 - http://mail.auctionit.co.bw:80/cgi/user.cgi
928 - http://mail.auctionit.co.bw:80/surgeweb
929 - http://netwinsite.com/cgi-bin/keycgi.exe?cmd=download&product=surgemail
930 - http://netwinsite.com/spf.htm
931 - http://netwinsite.com/surgeftp
932 - http://netwinsite.com/surgemail
933 - http://netwinsite.com/surgemail/betadownloads.htm
934 - http://netwinsite.com/surgemail/help/protected.htm
935 - http://netwinsite.com/surgemail/help/spam.htm
936 - http://netwinsite.com/surgemail/stopspam.htm
937 - http://netwinsite.com/surgetorrent
938 - http://netwinsite.com/surgeweb/help/intro.htm
939 - http://news.netwinsite.com:8119/webnews?group=netwin.surgemail&cmd=list
940 - https://mail.auctionit.co.bw:7443/cgi/domadmin.cgi
941 - https://mail.auctionit.co.bw:7443/cgi/user.cgi
942 - https://mail.auctionit.co.bw:7443/surgeweb
943 Total external links: 16
944
945+ Email addresses found:
946 Total email address found: 0
947
948+ Directories found:
949 - http://mail.auctionit.co.bw/web/ (No open folder)
950 - http://mail.auctionit.co.bw/web/1642984354/ (No open folder)
951 Total directories: 2
952
953+ Directory indexing found:
954 Total directories with indexing: 0
955
956----------------------------------------------------------------------
957
958
959 + URL to crawl: http://www.auctionit.co.bw.
960 + Date: 2020-02-07
961
962 + Crawling URL: http://www.auctionit.co.bw.:
963 + Links:
964 + Crawling http://www.auctionit.co.bw.
965 + Searching for directories...
966 + Searching open folders...
967
968--Finished--
969Summary information for domain auctionit.co.bw.
970-----------------------------------------
971
972 Domain Ips Information:
973 IP: 139.162.148.228
974 HostName: badhi.nconnect.co.bw Type: NS
975 HostName: badhi.nconnect.co.bw Type: PTR
976 Country: Germany
977 Is Active: True (reset ttl 64)
978 Port: 22/tcp open ssh syn-ack ttl 52 OpenSSH 5.3 (protocol 2.0)
979 Script Info: | ssh-hostkey:
980 Script Info: | 1024 ce:47:7b:71:d2:c8:a4:69:4e:5e:55:af:64:c4:8e:69 (DSA)
981 Script Info: |_ 2048 09:c0:87:04:af:d6:a5:fd:c4:92:fb:85:02:fb:8f:ed (RSA)
982 Script Info: | vulners:
983 Script Info: | cpe:/a:openbsd:openssh:5.3:
984 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
985 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
986 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
987 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
988 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
989 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
990 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
991 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
992 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
993 Port: 53/tcp open domain syn-ack ttl 51 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
994 Script Info: | dns-nsid:
995 Script Info: |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
996 Port: 80/tcp open http syn-ack ttl 51 nginx
997 Script Info: |_http-favicon: Unknown favicon MD5: D2F16C48FE6205DC350618885DAEDAC7
998 Script Info: | http-methods:
999 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1000 Script Info: |_http-title: Did not follow redirect to https://139.162.148.228/
1001 Script Info: Device type: general purpose|storage-misc|media device|WAP
1002 Script Info: Running (JUST GUESSING): Linux 2.6.X|3.X (92%), HP embedded (85%), Infomir embedded (85%), Ubiquiti embedded (85%), Ubiquiti AirOS 5.X (85%)
1003 Os Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1004 IP: 154.73.84.10
1005 HostName: mail.auctionit.co.bw Type: MX
1006 HostName: mail.warcon.co.bw Type: PTR
1007 HostName: mail.auctionit.co.bw. Type: A
1008 Country: Botswana
1009 Is Active: True (reset ttl 64)
1010 Port: 22/tcp open ssh syn-ack ttl 47 OpenSSH 5.3 (protocol 2.0)
1011 Script Info: | ssh-hostkey:
1012 Script Info: | 1024 e1:f1:e0:f3:3e:2a:17:7e:00:d7:6d:00:dd:e6:76:3a (DSA)
1013 Script Info: |_ 2048 b8:b1:4e:25:15:5e:bb:65:84:83:0f:35:0b:c8:1e:2c (RSA)
1014 Script Info: | vulners:
1015 Script Info: | cpe:/a:openbsd:openssh:5.3:
1016 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1017 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1018 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1019 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1020 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1021 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1022 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1023 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1024 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1025 Port: 80/tcp open http syn-ack ttl 47 Surgemail webmail (DNews based)
1026 Script Info: |_http-generator: Mozilla/4.75 [en] (Windows NT 5.0; U) [Netscape]
1027 Script Info: | http-methods:
1028 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1029 Script Info: |_http-server-header: DManager
1030 Script Info: |_http-title: SurgeMail Welcome Page
1031 Port: 110/tcp open pop3 syn-ack ttl 47 SurgeMail pop3d 7.3e2-2
1032 Script Info: |_pop3-capabilities: UIDL USER SURGEMAIL TOP STLS
1033 Script Info: | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
1034 Script Info: | Subject Alternative Name: DNS:mail.nconnect.co.bw
1035 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1036 Script Info: | Public Key type: rsa
1037 Script Info: | Public Key bits: 2048
1038 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1039 Script Info: | Not valid before: 2019-06-04T00:00:00
1040 Script Info: | Not valid after: 2020-06-17T12:00:00
1041 Script Info: | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
1042 Script Info: |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
1043 Script Info: |_ssl-date: TLS randomness does not represent time
1044 Port: 143/tcp open imap? syn-ack ttl 47
1045 Script Info: | fingerprint-strings:
1046 Script Info: | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, NULL, RPCCheck, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServerCookie, X11Probe:
1047 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1048 Script Info: | GenericLines:
1049 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1050 Script Info: | command line Insufficient tokens ()
1051 Script Info: | command line Insufficient tokens ()
1052 Script Info: | GetRequest:
1053 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1054 Script Info: | Invalid command (/)
1055 Script Info: | command line Insufficient tokens ()
1056 Script Info: | HTTPOptions, RTSPRequest:
1057 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1058 Script Info: | OPTIONS BAD Invalid command (/)
1059 Script Info: | command line Insufficient tokens ()
1060 Script Info: | Help:
1061 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1062 Script Info: |_ command line Insufficient tokens (HELP)
1063 Script Info: |_imap-capabilities: IDLE SURGEMAIL UIDPLUS IMAP4REV1 Capability completed QUOTA OK STARTTLSA0001 SORT NAMESPACE IMAP4
1064 Port: 465/tcp open ssl/smtp syn-ack ttl 47 Surgemail smtpd 7.3e2-2
1065 Script Info: | smtp-commands: nconnect.co.bw. Hello nmap.scanme.org (104.245.144.139), AUTH LOGIN PLAIN, DSN, ETRN, X-ID 6d61696c2e6e636f6e6e6563742e636f2e62772d373037323938373538, SIZE 50000000, HELP,
1066 Script Info: |_ ESMTP Mail Server
1067 Script Info: | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
1068 Script Info: | Subject Alternative Name: DNS:mail.nconnect.co.bw
1069 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1070 Script Info: | Public Key type: rsa
1071 Script Info: | Public Key bits: 2048
1072 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1073 Script Info: | Not valid before: 2019-06-04T00:00:00
1074 Script Info: | Not valid after: 2020-06-17T12:00:00
1075 Script Info: | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
1076 Script Info: |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
1077 Script Info: |_ssl-date: TLS randomness does not represent time
1078 Port: 587/tcp open smtp syn-ack ttl 47 Surgemail smtpd 7.3e2-2
1079 Script Info: | smtp-commands: nconnect.co.bw. Hello nmap.scanme.org (104.245.144.139), AUTH LOGIN PLAIN, DSN, ETRN, STARTTLS, X-ID 6d61696c2e6e636f6e6e6563742e636f2e62772d373037323938373538, SIZE 50000000, HELP,
1080 Script Info: |_ ESMTP Mail Server
1081 Script Info: | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
1082 Script Info: | Subject Alternative Name: DNS:mail.nconnect.co.bw
1083 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1084 Script Info: | Public Key type: rsa
1085 Script Info: | Public Key bits: 2048
1086 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1087 Script Info: | Not valid before: 2019-06-04T00:00:00
1088 Script Info: | Not valid after: 2020-06-17T12:00:00
1089 Script Info: | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
1090 Script Info: |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
1091 Script Info: |_ssl-date: TLS randomness does not represent time
1092 Port: 993/tcp open ssl/imaps? syn-ack ttl 47
1093 Script Info: | fingerprint-strings:
1094 Script Info: | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, NULL, RPCCheck, SMBProgNeg, SSLSessionReq, TLSSessionReq, TerminalServerCookie, X11Probe:
1095 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1096 Script Info: | GenericLines:
1097 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1098 Script Info: | command line Insufficient tokens ()
1099 Script Info: | command line Insufficient tokens ()
1100 Script Info: | GetRequest:
1101 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1102 Script Info: | Invalid command (/)
1103 Script Info: | command line Insufficient tokens ()
1104 Script Info: | HTTPOptions, RTSPRequest:
1105 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1106 Script Info: | OPTIONS BAD Invalid command (/)
1107 Script Info: | command line Insufficient tokens ()
1108 Script Info: | Help:
1109 Script Info: | * OK IMAP (C) nconnect.co.bw (Version 7.3e2-2)
1110 Script Info: |_ command line Insufficient tokens (HELP)
1111 Script Info: | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
1112 Script Info: | Subject Alternative Name: DNS:mail.nconnect.co.bw
1113 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1114 Script Info: | Public Key type: rsa
1115 Script Info: | Public Key bits: 2048
1116 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1117 Script Info: | Not valid before: 2019-06-04T00:00:00
1118 Script Info: | Not valid after: 2020-06-17T12:00:00
1119 Script Info: | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
1120 Script Info: |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
1121 Script Info: |_ssl-date: TLS randomness does not represent time
1122 Port: 995/tcp open ssl/pop3 syn-ack ttl 47 SurgeMail pop3d 7.3e2-2
1123 Script Info: | ssl-cert: Subject: commonName=mail.nconnect.co.bw/organizationName=PrimeTel T/A NConnect/countryName=BW
1124 Script Info: | Subject Alternative Name: DNS:mail.nconnect.co.bw
1125 Script Info: | Issuer: commonName=DigiCert SHA2 Secure Server CA/organizationName=DigiCert Inc/countryName=US
1126 Script Info: | Public Key type: rsa
1127 Script Info: | Public Key bits: 2048
1128 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1129 Script Info: | Not valid before: 2019-06-04T00:00:00
1130 Script Info: | Not valid after: 2020-06-17T12:00:00
1131 Script Info: | MD5: 5791 018c 7b87 171c e804 4f88 05a2 2e68
1132 Script Info: |_SHA-1: 0af4 917b fa1c a534 e72e 0ded 87ed fc8c 2b1e 574f
1133 Script Info: |_ssl-date: TLS randomness does not represent time
1134 Os Info: Host: nconnect.co.bw
1135 IP: 154.73.84.13
1136 HostName: ole.nconnect.co.bw Type: NS
1137 Country: Botswana
1138 Is Active: True (reset ttl 64)
1139 Port: 22/tcp open ssh syn-ack ttl 47 OpenSSH 5.3 (protocol 2.0)
1140 Script Info: | ssh-hostkey:
1141 Script Info: | 1024 35:ca:cf:1e:b6:fe:32:5a:f5:1b:d0:37:9c:35:8d:0a (DSA)
1142 Script Info: |_ 2048 4c:e5:f9:99:d1:8e:fd:d5:5e:3c:ab:45:36:dd:18:d9 (RSA)
1143 Script Info: | vulners:
1144 Script Info: | cpe:/a:openbsd:openssh:5.3:
1145 Script Info: | CVE-2010-4478 7.5 https://vulners.com/cve/CVE-2010-4478
1146 Script Info: | CVE-2017-15906 5.0 https://vulners.com/cve/CVE-2017-15906
1147 Script Info: | CVE-2016-10708 5.0 https://vulners.com/cve/CVE-2016-10708
1148 Script Info: | CVE-2010-5107 5.0 https://vulners.com/cve/CVE-2010-5107
1149 Script Info: | CVE-2016-0777 4.0 https://vulners.com/cve/CVE-2016-0777
1150 Script Info: | CVE-2010-4755 4.0 https://vulners.com/cve/CVE-2010-4755
1151 Script Info: | CVE-2012-0814 3.5 https://vulners.com/cve/CVE-2012-0814
1152 Script Info: | CVE-2011-5000 3.5 https://vulners.com/cve/CVE-2011-5000
1153 Script Info: |_ CVE-2011-4327 2.1 https://vulners.com/cve/CVE-2011-4327
1154 Port: 53/tcp open domain syn-ack ttl 47 ISC BIND 9.8.2rc1 (RedHat Enterprise Linux 6)
1155 Script Info: | dns-nsid:
1156 Script Info: |_ bind.version: 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
1157 Os Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:6
1158 IP: 154.73.84.9
1159 HostName: mx.auctionit.co.bw Type: MX
1160 HostName: mailgw.ncbw.co.bw Type: PTR
1161 Type: SPF
1162 HostName: mx.auctionit.co.bw. Type: A
1163 Country: Botswana
1164 Is Active: True (reset ttl 64)
1165 Port: 26/tcp open smtp syn-ack ttl 47 Postfix smtpd
1166 Script Info: |_smtp-commands: mailgw.ncbw.co.bw, PIPELINING, SIZE 104857600, VRFY, ETRN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, SMTPUTF8,
1167 IP: 154.73.84.17
1168 HostName: www.auctionit.co.bw. Type: A
1169 Country: Botswana
1170 Is Active: True (reset ttl 64)
1171 Port: 21/tcp open ftp syn-ack ttl 47 vsftpd 3.0.3
1172 Port: 80/tcp open http syn-ack ttl 47 nginx
1173 Script Info: | http-methods:
1174 Script Info: | Supported Methods: GET HEAD POST OPTIONS TRACE
1175 Script Info: |_ Potentially risky methods: TRACE
1176 Script Info: |_http-title: webserver1.ncbw.co.bw — Coming Soon
1177 Port: 3306/tcp open mysql syn-ack ttl 47 MySQL 5.7.27-0ubuntu0.16.04.1
1178 Script Info: | mysql-info:
1179 Script Info: | Protocol: 10
1180 Script Info: | Version: 5.7.27-0ubuntu0.16.04.1
1181 Script Info: | Thread ID: 2458
1182 Script Info: | Capabilities flags: 63487
1183 Script Info: | Some Capabilities: SupportsCompression, ODBCClient, Speaks41ProtocolOld, SupportsTransactions, Support41Auth, LongColumnFlag, SupportsLoadDataLocal, IgnoreSigpipes, FoundRows, InteractiveClient, LongPassword, DontAllowDatabaseTableColumn, IgnoreSpaceBeforeParenthesis, Speaks41ProtocolNew, ConnectWithDatabase, SupportsAuthPlugins, SupportsMultipleResults, SupportsMultipleStatments
1184 Script Info: | Status: Autocommit
1185 Script Info: | Salt: :fjKPmck)q\x03p]|%:
1186 Script Info: | j\x0Bz
1187 Script Info: |_ Auth Plugin Name: mysql_native_password
1188 Script Info: | vulners:
1189 Script Info: | MySQL 5.7.27-0ubuntu0.16.04.1:
1190 Script Info: |_ NODEJS:602 0.0 https://vulners.com/nodejs/NODEJS:602
1191 Script Info: Device type: general purpose|storage-misc|broadband router|WAP
1192 Script Info: Running (JUST GUESSING): Linux 3.X|4.X|2.6.X|2.4.X (93%), HP embedded (91%)
1193 Os Info: OS: Unix
1194
1195--------------End Summary --------------
1196-----------------------------------------
1197######################################################################################################################################
1198traceroute to www.auctionit.co.bw (154.73.84.17), 30 hops max, 60 byte packets
1199 1 10.245.204.1 (10.245.204.1) 32.221 ms 33.836 ms 33.829 ms
1200 2 R43.static.amanah.com (104.245.144.129) 33.813 ms 33.796 ms 33.776 ms
1201 3 te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9) 33.804 ms 62.271 ms 62.289 ms
1202 4 te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37) 33.720 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41) 33.653 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37) 33.669 ms
1203 5 te0-9-1-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.169) 33.579 ms te0-9-0-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.153) 33.535 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161) 33.539 ms
1204 6 be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90) 62.086 ms 101.341 ms 61.772 ms
1205 7 be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161) 177.196 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165) 169.606 ms 177.089 ms
1206 8 be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149) 177.124 ms be2491.ccr52.lhr01.atlas.cogentco.com (154.54.39.118) 177.130 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149) 177.084 ms
1207 9 be3488.ccr42.lon13.atlas.cogentco.com (154.54.60.13) 177.086 ms 177.085 ms be3487.ccr41.lon13.atlas.cogentco.com (154.54.60.5) 177.070 ms
120810 be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154) 177.075 ms 176.975 ms 176.995 ms
120911 te0-0-2-0.rcr11.b015592-1.lon01.atlas.cogentco.com (130.117.50.98) 199.184 ms te0-0-2-2.rcr11.b015592-1.lon01.atlas.cogentco.com (130.117.51.234) 199.090 ms 199.058 ms
121012 149.14.80.218 (149.14.80.218) 169.253 ms 167.927 ms 119.535 ms
121113 41.191.219.221 (41.191.219.221) 149.668 ms 149.623 ms 149.570 ms
121214 41.191.216.33 (41.191.216.33) 357.654 ms 357.638 ms 357.546 ms
121315 41.191.218.28 (41.191.218.28) 357.558 ms 357.565 ms 357.519 ms
121416 41.191.216.158 (41.191.216.158) 357.512 ms 383.685 ms 383.639 ms
1215######################################################################################################################################
1216
1217----- auctionit.co.bw -----
1218
1219
1220Host's addresses:
1221__________________
1222
1223auctionit.co.bw. 85733 IN A 154.73.84.13
1224
1225
1226Name Servers:
1227______________
1228
1229badhi.nconnect.co.bw. 77167 IN A 139.162.148.228
1230ole.nconnect.co.bw. 77666 IN A 154.73.84.13
1231
1232
1233Mail (MX) Servers:
1234___________________
1235
1236mx.auctionit.co.bw. 86077 IN A 154.73.84.9
1237mail.auctionit.co.bw. 86076 IN A 154.73.84.10
1238
1239
1240Brute forcing with /usr/share/dnsenum/dns.txt:
1241_______________________________________________
1242
1243mail.auctionit.co.bw. 86044 IN A 154.73.84.10
1244mx.auctionit.co.bw. 86043 IN A 154.73.84.9
1245www.auctionit.co.bw. 83524 IN A 154.73.84.17
1246
1247
1248Launching Whois Queries:
1249_________________________
1250
1251 whois ip result: 154.73.84.0 -> 154.73.84.0/24
1252
1253
1254auctionit.co.bw_______________
1255
1256 154.73.84.0/24
1257######################################################################################################################################
1258URLCrazy Domain Report
1259Domain : www.auctionit.co.bw
1260Keyboard : qwerty
1261At : 2020-02-07 03:04:17 -0500
1262
1263# Please wait. 217 hostnames to process
1264
1265Typo Type Typo DNS-A CC-A DNS-MX Extn
1266-------------------------------------------------------------------------------------------------------------------------------
1267Character Omission ww.auctionit.co.bw ? bw
1268Character Omission www.actionit.co.bw ? bw
1269Character Omission www.aucionit.co.bw ? bw
1270Character Omission www.auctinit.co.bw ? bw
1271Character Omission www.auctioit.co.bw ? bw
1272Character Omission www.auctioni.co.bw ? bw
1273Character Omission www.auctionit.c.bw ? bw
1274Character Omission www.auctionit.o.bw 23.226.132.211 bw
1275Character Omission www.auctionitco.bw ? bw
1276Character Omission www.auctiont.co.bw ? bw
1277Character Omission www.auctonit.co.bw ? bw
1278Character Omission www.autionit.co.bw ? bw
1279Character Omission www.uctionit.co.bw ? bw
1280Character Omission wwwauctionit.co.bw ? bw
1281Character Repeat www.aauctionit.co.bw ? bw
1282Character Repeat www.aucctionit.co.bw ? bw
1283Character Repeat www.auctiionit.co.bw ? bw
1284Character Repeat www.auctioniit.co.bw ? bw
1285Character Repeat www.auctionit.cco.bw ? bw
1286Character Repeat www.auctionit.coo.bw ? bw
1287Character Repeat www.auctionitt.co.bw ? bw
1288Character Repeat www.auctionnit.co.bw ? bw
1289Character Repeat www.auctioonit.co.bw ? bw
1290Character Repeat www.aucttionit.co.bw ? bw
1291Character Repeat www.auuctionit.co.bw ? bw
1292Character Repeat wwww.auctionit.co.bw ? bw
1293Character Swap ww.wauctionit.co.bw ? bw
1294Character Swap www.acutionit.co.bw ? bw
1295Character Swap www.aucitonit.co.bw ? bw
1296Character Swap www.auctinoit.co.bw ? bw
1297Character Swap www.auctioint.co.bw ? bw
1298Character Swap www.auctioni.tco.bw ? bw
1299Character Swap www.auctionit.oc.bw ? bw
1300Character Swap www.auctionitc.o.bw 23.226.132.211 bw
1301Character Swap www.auctionti.co.bw ? bw
1302Character Swap www.auctoinit.co.bw ? bw
1303Character Swap www.autcionit.co.bw ? bw
1304Character Swap www.uactionit.co.bw ? bw
1305Character Swap wwwa.uctionit.co.bw ? bw
1306Character Replacement eww.auctionit.co.bw ? bw
1307Character Replacement qww.auctionit.co.bw ? bw
1308Character Replacement wew.auctionit.co.bw ? bw
1309Character Replacement wqw.auctionit.co.bw ? bw
1310Character Replacement wwe.auctionit.co.bw ? bw
1311Character Replacement wwq.auctionit.co.bw ? bw
1312Character Replacement www.aictionit.co.bw ? bw
1313Character Replacement www.aucrionit.co.bw ? bw
1314Character Replacement www.auctiinit.co.bw ? bw
1315Character Replacement www.auctiobit.co.bw ? bw
1316Character Replacement www.auctiomit.co.bw ? bw
1317Character Replacement www.auctionir.co.bw ? bw
1318Character Replacement www.auctionit.ci.bw ? bw
1319Character Replacement www.auctionit.co.be 91.195.240.126 DE,GERMANY mail.pickelhost.com be
1320Character Replacement www.auctionit.cp.bw ? bw
1321Character Replacement www.auctionit.vo.bw ? bw
1322Character Replacement www.auctionit.xo.bw ? bw
1323Character Replacement www.auctioniy.co.bw ? bw
1324Character Replacement www.auctionot.co.bw ? bw
1325Character Replacement www.auctionut.co.bw ? bw
1326Character Replacement www.auctipnit.co.bw ? bw
1327Character Replacement www.auctoonit.co.bw ? bw
1328Character Replacement www.auctuonit.co.bw ? bw
1329Character Replacement www.aucyionit.co.bw ? bw
1330Character Replacement www.auvtionit.co.bw ? bw
1331Character Replacement www.auxtionit.co.bw ? bw
1332Character Replacement www.ayctionit.co.bw ? bw
1333Character Replacement www.suctionit.co.bw ? bw
1334Double Character Replacement eew.auctionit.co.bw ? bw
1335Double Character Replacement qqw.auctionit.co.bw ? bw
1336Double Character Replacement wee.auctionit.co.bw ? bw
1337Double Character Replacement wqq.auctionit.co.bw ? bw
1338Character Insertion weww.auctionit.co.bw ? bw
1339Character Insertion wqww.auctionit.co.bw ? bw
1340Character Insertion wwew.auctionit.co.bw ? bw
1341Character Insertion wwqw.auctionit.co.bw ? bw
1342Character Insertion www.asuctionit.co.bw ? bw
1343Character Insertion www.auctioinit.co.bw ? bw
1344Character Insertion www.auctionbit.co.bw ? bw
1345Character Insertion www.auctioniot.co.bw ? bw
1346Character Insertion www.auctionit.coi.bw ? bw
1347Character Insertion www.auctionit.cop.bw ? bw
1348Character Insertion www.auctionit.cvo.bw ? bw
1349Character Insertion www.auctionit.cxo.bw ? bw
1350Character Insertion www.auctionitr.co.bw ? bw
1351Character Insertion www.auctionity.co.bw ? bw
1352Character Insertion www.auctioniut.co.bw ? bw
1353Character Insertion www.auctionmit.co.bw ? bw
1354Character Insertion www.auctiopnit.co.bw ? bw
1355Character Insertion www.auctiuonit.co.bw ? bw
1356Character Insertion www.auctrionit.co.bw ? bw
1357Character Insertion www.auctyionit.co.bw ? bw
1358Character Insertion www.aucvtionit.co.bw ? bw
1359Character Insertion www.aucxtionit.co.bw ? bw
1360Character Insertion www.auictionit.co.bw ? bw
1361Character Insertion www.auyctionit.co.bw ? bw
1362Character Insertion wwwe.auctionit.co.bw ? bw
1363Character Insertion wwwq.auctionit.co.bw ? bw
1364Missing Dot wwwwww.auctionit.co.bw ? bw
1365Singular or Pluralise co.bw ? bw
1366Singular or Pluralise cos.bw ? bw
1367Vowel Swap www.aactionit.co.bw ? bw
1368Vowel Swap www.aectionit.co.bw ? bw
1369Vowel Swap www.aoctionit.co.bw ? bw
1370Vowel Swap www.auctaonat.co.bw ? bw
1371Vowel Swap www.aucteonet.co.bw ? bw
1372Vowel Swap www.auctianit.ca.bw ? bw
1373Vowel Swap www.auctienit.ce.bw ? bw
1374Vowel Swap www.auctiinit.ci.bw ? bw
1375Vowel Swap www.auctiunit.cu.bw ? bw
1376Vowel Swap www.auctoonot.co.bw ? bw
1377Vowel Swap www.auctuonut.co.bw ? bw
1378Vowel Swap www.euctionit.co.bw ? bw
1379Vowel Swap www.iuctionit.co.bw ? bw
1380Vowel Swap www.ouctionit.co.bw ? bw
1381Vowel Swap www.uuctionit.co.bw ? bw
1382Homophones www.auctayeonayet.co.bw ? bw
1383Homophones www.aucteyeoneyet.co.bw ? bw
1384Homophones www.auctioknit.co.bw ? bw
1385Bit Flipping 7ww.auctionit.co.bw ? bw
1386Bit Flipping gww.auctionit.co.bw ? bw
1387Bit Flipping sww.auctionit.co.bw ? bw
1388Bit Flipping uww.auctionit.co.bw ? bw
1389Bit Flipping vww.auctionit.co.bw ? bw
1390Bit Flipping w7w.auctionit.co.bw ? bw
1391Bit Flipping wgw.auctionit.co.bw ? bw
1392Bit Flipping wsw.auctionit.co.bw ? bw
1393Bit Flipping wuw.auctionit.co.bw ? bw
1394Bit Flipping wvw.auctionit.co.bw ? bw
1395Bit Flipping ww7.auctionit.co.bw ? bw
1396Bit Flipping wwg.auctionit.co.bw ? bw
1397Bit Flipping wws.auctionit.co.bw ? bw
1398Bit Flipping wwu.auctionit.co.bw ? bw
1399Bit Flipping wwv.auctionit.co.bw ? bw
1400Bit Flipping www.a5ctionit.co.bw ? bw
1401Bit Flipping www.aqctionit.co.bw ? bw
1402Bit Flipping www.atctionit.co.bw ? bw
1403Bit Flipping www.auationit.co.bw ? bw
1404Bit Flipping www.aubtionit.co.bw ? bw
1405Bit Flipping www.auc4ionit.co.bw ? bw
1406Bit Flipping www.aucdionit.co.bw ? bw
1407Bit Flipping www.aucpionit.co.bw ? bw
1408Bit Flipping www.auctaonit.co.bw ? bw
1409Bit Flipping www.aucthonit.co.bw ? bw
1410Bit Flipping www.auctignit.co.bw ? bw
1411Bit Flipping www.auctiknit.co.bw ? bw
1412Bit Flipping www.auctimnit.co.bw ? bw
1413Bit Flipping www.auctinnit.co.bw ? bw
1414Bit Flipping www.auctio.it.co.bw ? bw
1415Bit Flipping www.auctiofit.co.bw ? bw
1416Bit Flipping www.auctiojit.co.bw ? bw
1417Bit Flipping www.auctiolit.co.bw ? bw
1418Bit Flipping www.auctionat.co.bw ? bw
1419Bit Flipping www.auctionht.co.bw ? bw
1420Bit Flipping www.auctioni4.co.bw ? bw
1421Bit Flipping www.auctionid.co.bw ? bw
1422Bit Flipping www.auctionip.co.bw ? bw
1423Bit Flipping www.auctionit.ao.bw ? bw
1424Bit Flipping www.auctionit.bo.bw ? bw
1425Bit Flipping www.auctionit.cg.bw ? bw
1426Bit Flipping www.auctionit.ck.bw ? bw
1427Bit Flipping www.auctionit.cm.bw ? bw
1428Bit Flipping www.auctionit.cn.bw ? bw
1429Bit Flipping www.auctionit.co.bg ? bg
1430Bit Flipping www.auctionit.co.bs ? bs
1431Bit Flipping www.auctionit.co.rw ? rw
1432Bit Flipping www.auctionit.go.bw ? bw
1433Bit Flipping www.auctionit.ko.bw ? bw
1434Bit Flipping www.auctionit.so.bw ? bw
1435Bit Flipping www.auctionitnco.bw ? bw
1436Bit Flipping www.auctioniu.co.bw ? bw
1437Bit Flipping www.auctioniv.co.bw ? bw
1438Bit Flipping www.auctionkt.co.bw ? bw
1439Bit Flipping www.auctionmt.co.bw ? bw
1440Bit Flipping www.auctionyt.co.bw ? bw
1441Bit Flipping www.auctiooit.co.bw ? bw
1442Bit Flipping www.auctkonit.co.bw ? bw
1443Bit Flipping www.auctmonit.co.bw ? bw
1444Bit Flipping www.auctyonit.co.bw ? bw
1445Bit Flipping www.aucuionit.co.bw ? bw
1446Bit Flipping www.aucvionit.co.bw ? bw
1447Bit Flipping www.augtionit.co.bw ? bw
1448Bit Flipping www.auktionit.co.bw ? bw
1449Bit Flipping www.austionit.co.bw ? bw
1450Bit Flipping www.awctionit.co.bw ? bw
1451Bit Flipping www.cuctionit.co.bw ? bw
1452Bit Flipping www.quctionit.co.bw ? bw
1453Bit Flipping wwwnauctionit.co.bw ? bw
1454Homoglyphs vvvvvv.auctionit.co.bw ? bw
1455Homoglyphs vvvvw.auctionit.co.bw ? bw
1456Homoglyphs vvwvv.auctionit.co.bw ? bw
1457Homoglyphs vvww.auctionit.co.bw ? bw
1458Homoglyphs wvvvv.auctionit.co.bw ? bw
1459Homoglyphs wvvw.auctionit.co.bw ? bw
1460Homoglyphs wwvv.auctionit.co.bw ? bw
1461Homoglyphs www.aucti0nit.c0.bw ? bw
1462Homoglyphs www.aucti0nit.co.bw ? bw
1463Homoglyphs www.auctionit.c0.bw ? bw
1464Homoglyphs www.auctionlt.co.bw ? bw
1465Homoglyphs www.auctlonit.co.bw ? bw
1466Homoglyphs www.auctlonlt.co.bw ? bw
1467Wrong TLD co.ca ? ca
1468Wrong TLD co.ch ? ch
1469Wrong TLD co.com 173.192.76.171 AU,AUSTRALIA mx.spamexperts.com com
1470Wrong TLD co.de 144.76.162.245 DE,GERMANY de
1471Wrong TLD co.edu ? edu
1472Wrong TLD co.es ? es
1473Wrong TLD co.fr ? fr
1474Wrong TLD co.it ? it
1475Wrong TLD co.jp ? jp
1476Wrong TLD co.net 188.166.216.219 ALT2.ASPMX.L.GOOGLE.COM net
1477Wrong TLD co.nl 116.202.11.3 IN,INDIA nl
1478Wrong TLD co.no 94.124.122.6 NL,NETHERLANDS no
1479Wrong TLD co.org 50.87.216.45 ��, co.org org
1480Wrong TLD co.ru 195.16.62.67 RU,RUSSIAN FEDERATION mail.co.ru ru
1481Wrong TLD co.se ? se
1482Wrong TLD co.uk ? co.uk
1483Wrong TLD co.us ? us
1484######################################################################################################################################
1485[*] Processing domain www.auctionit.co.bw
1486[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
1487[+] Getting nameservers
1488[-] Getting nameservers failed
1489[-] Zone transfer failed
1490
1491[*] Scanning www.auctionit.co.bw for A records
1492154.73.84.17 - www.auctionit.co.bw
1493#####################################################################################################################################
1494[+] www.auctionit.co.bw has no SPF record!
1495[*] No DMARC record found. Looking for organizational record
1496[+] No organizational DMARC record
1497[+] Spoofing possible for www.auctionit.co.bw!
1498######################################################################################################################################
1499INFO[0000] Starting to process queue....
1500INFO[0000] Starting to process permutations....
1501INFO[0000] FORBIDDEN http://auctionit.s3.amazonaws.com (http://auctionit.co.bw)
1502#######################################################################################################################################
1503[:] ASN: 327776 / Stature-PTY-LTD, BW
1504[:] Writing 2 CIDRs to file...
1505[:] Converting to IPs...
1506[:] Writing 5116 IPs to file...
1507######################################################################################################################################
1508WARNING: Duplicate port number(s) specified. Are you alert enough to be using Nmap? Have some coffee or Jolt(tm).
1509Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:09 EST
1510Nmap scan report for www.auctionit.co.bw (154.73.84.17)
1511Host is up (0.27s latency).
1512Not shown: 487 filtered ports, 6 closed ports
1513Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1514PORT STATE SERVICE
151521/tcp open ftp
151680/tcp open http
15173306/tcp open mysql
1518
1519Nmap done: 1 IP address (1 host up) scanned in 12.97 seconds
1520######################################################################################################################################
1521Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:10 EST
1522Nmap scan report for www.auctionit.co.bw (154.73.84.17)
1523Host is up (0.078s latency).
1524Not shown: 2 filtered ports
1525PORT STATE SERVICE
152653/udp open|filtered domain
152767/udp open|filtered dhcps
152868/udp open|filtered dhcpc
152969/udp open|filtered tftp
153088/udp open|filtered kerberos-sec
1531123/udp open|filtered ntp
1532139/udp open|filtered netbios-ssn
1533161/udp open|filtered snmp
1534162/udp open|filtered snmptrap
1535389/udp open|filtered ldap
1536500/udp open|filtered isakmp
1537520/udp open|filtered route
15382049/udp open|filtered nfs
1539
1540Nmap done: 1 IP address (1 host up) scanned in 2.56 seconds
1541######################################################################################################################################
1542Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:10 EST
1543NSE: Loaded 54 scripts for scanning.
1544NSE: Script Pre-scanning.
1545Initiating NSE at 03:10
1546Completed NSE at 03:10, 0.00s elapsed
1547Initiating NSE at 03:10
1548Completed NSE at 03:10, 0.00s elapsed
1549Initiating Parallel DNS resolution of 1 host. at 03:10
1550Completed Parallel DNS resolution of 1 host. at 03:10, 0.02s elapsed
1551Initiating SYN Stealth Scan at 03:10
1552Scanning www.auctionit.co.bw (154.73.84.17) [1 port]
1553Discovered open port 21/tcp on 154.73.84.17
1554Completed SYN Stealth Scan at 03:10, 0.36s elapsed (1 total ports)
1555Initiating Service scan at 03:10
1556Scanning 1 service on www.auctionit.co.bw (154.73.84.17)
1557Completed Service scan at 03:10, 0.64s elapsed (1 service on 1 host)
1558Initiating OS detection (try #1) against www.auctionit.co.bw (154.73.84.17)
1559Retrying OS detection (try #2) against www.auctionit.co.bw (154.73.84.17)
1560Initiating Traceroute at 03:10
1561Completed Traceroute at 03:10, 3.17s elapsed
1562Initiating Parallel DNS resolution of 17 hosts. at 03:10
1563Completed Parallel DNS resolution of 17 hosts. at 03:10, 0.60s elapsed
1564NSE: Script scanning 154.73.84.17.
1565Initiating NSE at 03:10
1566NSE Timing: About 70.83% done; ETC: 03:12 (0:00:30 remaining)
1567Completed NSE at 03:11, 90.47s elapsed
1568Initiating NSE at 03:11
1569Completed NSE at 03:11, 0.05s elapsed
1570Nmap scan report for www.auctionit.co.bw (154.73.84.17)
1571Host is up (0.31s latency).
1572
1573PORT STATE SERVICE VERSION
157421/tcp open ftp vsftpd 3.0.3
1575Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1576Aggressive OS guesses: Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 3.16 - 4.6 (92%), Linux 3.2 - 4.9 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 4.8 (92%), Linux 4.9 (91%), Linux 3.12 (90%)
1577No exact OS matches for host (test conditions non-ideal).
1578Uptime guess: 0.280 days (since Thu Feb 6 20:28:22 2020)
1579Network Distance: 18 hops
1580TCP Sequence Prediction: Difficulty=264 (Good luck!)
1581IP ID Sequence Generation: All zeros
1582Service Info: OS: Unix
1583
1584TRACEROUTE (using port 21/tcp)
1585HOP RTT ADDRESS
15861 101.93 ms 10.245.204.1
15872 131.83 ms R43.static.amanah.com (104.245.144.129)
15883 131.88 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
15894 131.90 ms te0-0-0-1.agr13.yyz02.atlas.cogentco.com (154.24.54.37)
15905 131.90 ms te0-9-0-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.141)
15916 131.94 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
15927 179.24 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
15938 210.04 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149)
15949 210.09 ms be3487.ccr41.lon13.atlas.cogentco.com (154.54.60.5)
159510 132.07 ms be2868.ccr21.lon01.atlas.cogentco.com (154.54.57.154)
159611 128.33 ms te0-0-2-2.rcr11.b015592-1.lon01.atlas.cogentco.com (130.117.51.234)
159712 151.93 ms 149.14.80.218
159813 182.09 ms 41.191.219.221
159914 387.70 ms 41.191.216.33
160015 387.65 ms 41.191.218.28
160116 349.46 ms 41.191.216.158
160217 ...
160318 347.15 ms 154.73.84.17
1604
1605NSE: Script Post-scanning.
1606Initiating NSE at 03:11
1607Completed NSE at 03:11, 0.00s elapsed
1608Initiating NSE at 03:11
1609Completed NSE at 03:11, 0.00s elapsed
1610######################################################################################################################################
1611HTTP/1.1 200 OK
1612Server: nginx
1613Date: Fri, 07 Feb 2020 08:12:38 GMT
1614Content-Type: text/html; charset=UTF-8
1615Connection: keep-alive
1616Keep-Alive: timeout=60
1617Set-Cookie: PHPSESSID=01i1t6cuie06ttarl2bofmfbc5; path=/
1618Expires: Thu, 19 Nov 1981 08:52:00 GMT
1619Cache-Control: no-store, no-cache, must-revalidate
1620Pragma: no-cache
1621Link: <http://www.auctionit.co.bw/wp-json/>; rel="https://api.w.org/"
1622Link: <http://www.auctionit.co.bw/>; rel=shortlink
1623X-TEC-API-VERSION: v1
1624X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
1625X-TEC-API-ORIGIN: http://www.auctionit.co.bw
1626######################################################################################################################################
1627https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
1628https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js
1629https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js
1630https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js
1631http://www.auctionit.co.bw/
1632http://www.auctionit.co.bw/about-us/
1633http://www.auctionit.co.bw/blog/
1634http://www.auctionit.co.bw/contact/
1635http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-8/
1636http://www.auctionit.co.bw/my-account/
1637http://www.auctionit.co.bw/?qs=1
1638http://www.auctionit.co.bw/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.3.5
1639http://www.auctionit.co.bw/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.4.1
1640http://www.auctionit.co.bw/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3
1641http://www.auctionit.co.bw/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
1642http://www.auctionit.co.bw/wp-includes/js/jquery/jquery.js?ver=4.9.13
1643http://www.auctionit.co.bw/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
1644http://www.auctionit.co.bw/wp-includes/js/wp-embed.min.js?ver=4.9.13
1645http://www.auctionit.co.bw/wp-login.php
1646http://www.auctionit.co.bw/wp-login.php?action=login
1647http://www.auctionit.co.bw/wp-login.php?action=register
1648http://www.w3.org/1999/xhtml
1649######################################################################################################################################
1650http://www.auctionit.co.bw [200 OK] Cookies[PHPSESSID], HTML5, HTTPServer[nginx], IP[154.73.84.17], JQuery[4.4.3,4.9.13], Script[text/javascript], Title[Auction It], UncommonHeaders[link,x-tec-api-version,x-tec-api-root,x-tec-api-origin], WordPress[4.9.8,4.9.9], X-UA-Compatible[IE=edge], nginx
1651######################################################################################################################################
1652wig - WebApp Information Gatherer
1653
1654
1655Scanning http://www.auctionit.co.bw...
1656_________________________________________ SITE INFO _________________________________________
1657IP Title
1658154.73.84.17 Auction It
1659
1660__________________________________________ VERSION __________________________________________
1661Name Versions Type
1662Roundcube CMS
1663WordPress 4.9.13 CMS
1664phpMyAdmin CMS
1665Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
1666 2.4.9
1667PHP Platform
1668nginx Platform
1669
1670________________________________________ INTERESTING ________________________________________
1671URL Note Type
1672/readme.html Readme file Interesting
1673/robots.txt robots.txt index Interesting
1674/test/ Test directory Interesting
1675/login/ Login Page Interesting
1676
1677___________________________________________ TOOLS ___________________________________________
1678Name Link Software
1679wpscan https://github.com/wpscanteam/wpscan WordPress
1680CMSmap https://github.com/Dionach/CMSmap WordPress
1681
1682_____________________________________________________________________________________________
1683Time: 82.8 sec Urls: 510 Fingerprints: 40401
1684#####################################################################################################################################
1685Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:16 EST
1686NSE: Loaded 161 scripts for scanning.
1687NSE: Script Pre-scanning.
1688Initiating NSE at 03:16
1689Completed NSE at 03:16, 0.00s elapsed
1690Initiating NSE at 03:16
1691Completed NSE at 03:16, 0.00s elapsed
1692Initiating Parallel DNS resolution of 1 host. at 03:16
1693Completed Parallel DNS resolution of 1 host. at 03:16, 0.02s elapsed
1694Initiating SYN Stealth Scan at 03:16
1695Scanning www.auctionit.co.bw (154.73.84.17) [1 port]
1696Discovered open port 80/tcp on 154.73.84.17
1697Completed SYN Stealth Scan at 03:16, 0.35s elapsed (1 total ports)
1698Initiating Service scan at 03:16
1699Scanning 1 service on www.auctionit.co.bw (154.73.84.17)
1700Completed Service scan at 03:16, 6.71s elapsed (1 service on 1 host)
1701Initiating OS detection (try #1) against www.auctionit.co.bw (154.73.84.17)
1702Retrying OS detection (try #2) against www.auctionit.co.bw (154.73.84.17)
1703Initiating Traceroute at 03:16
1704Completed Traceroute at 03:16, 3.17s elapsed
1705Initiating Parallel DNS resolution of 17 hosts. at 03:16
1706Completed Parallel DNS resolution of 17 hosts. at 03:16, 0.24s elapsed
1707NSE: Script scanning 154.73.84.17.
1708Initiating NSE at 03:16
1709Completed NSE at 03:18, 90.84s elapsed
1710Initiating NSE at 03:18
1711Completed NSE at 03:18, 1.59s elapsed
1712Nmap scan report for www.auctionit.co.bw (154.73.84.17)
1713Host is up (0.36s latency).
1714
1715PORT STATE SERVICE VERSION
171680/tcp open http nginx
1717| http-auth-finder:
1718| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.auctionit.co.bw
1719| url method
1720| http://www.auctionit.co.bw:80/wp-login.php?noaccess=1&redirect_to=%2Fadd-listing%2F FORM
1721| http://www.auctionit.co.bw:80/wp-login.php?action=register FORM
1722| http://www.auctionit.co.bw:80/wp-login.php?noaccess=1&redirect_to=%2Fmy-account%2F FORM
1723|_ http://www.auctionit.co.bw:80/wp-login.php?action=login FORM
1724| http-brute:
1725|_ Path "/" does not require authentication
1726|_http-chrono: Request times for /; avg: 1753.58ms; min: 1524.71ms; max: 1994.25ms
1727| http-cookie-flags:
1728| /:
1729| PHPSESSID:
1730|_ httponly flag not set
1731| http-csrf:
1732| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.auctionit.co.bw
1733| Found the following possible CSRF vulnerabilities:
1734|
1735| Path: http://www.auctionit.co.bw:80/wp-login.php?noaccess=1&redirect_to=%2Fadd-listing%2F
1736| Form id: loginform
1737| Form action: http://www.auctionit.co.bw/wp-login.php
1738|
1739| Path: http://www.auctionit.co.bw:80/contact/
1740| Form id: html_element
1741| Form action:
1742|
1743| Path: http://www.auctionit.co.bw:80/wp-login.php?action=register
1744| Form id: registerform
1745| Form action: http://www.auctionit.co.bw/wp-login.php?action=register
1746|
1747| Path: http://www.auctionit.co.bw:80/events/
1748| Form id: tribe-bar-form
1749| Form action: http://www.auctionit.co.bw/events?post_type=tribe_events&eventDisplay=default
1750|
1751| Path: http://www.auctionit.co.bw:80/wp-login.php?noaccess=1&redirect_to=%2Fmy-account%2F
1752| Form id: loginform
1753| Form action: http://www.auctionit.co.bw/wp-login.php
1754|
1755| Path: http://www.auctionit.co.bw:80/wp-login.php?action=login
1756| Form id: loginform
1757|_ Form action: http://www.auctionit.co.bw/wp-login.php
1758|_http-date: Fri, 07 Feb 2020 08:16:31 GMT; -11s from local time.
1759|_http-devframework: Wordpress detected. Found common traces on /
1760|_http-dombased-xss: Couldn't find any DOM based XSS.
1761|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
1762| http-errors:
1763| Spidering limited to: maxpagecount=40; withinhost=www.auctionit.co.bw
1764| Found the following error pages:
1765|
1766| Error Code: 400
1767|_ http://www.auctionit.co.bw:80
1768|_http-feed: Couldn't find any feeds.
1769|_http-fetch: Please enter the complete path of the directory to save data in.
1770| http-fileupload-exploiter:
1771|
1772| Couldn't find a file-type field.
1773|
1774| Couldn't find a file-type field.
1775|
1776| Couldn't find a file-type field.
1777|
1778| Couldn't find a file-type field.
1779|
1780| Couldn't find a file-type field.
1781|
1782| Couldn't find a file-type field.
1783|
1784| Couldn't find a file-type field.
1785|
1786| Couldn't find a file-type field.
1787|
1788| Couldn't find a file-type field.
1789|
1790| Couldn't find a file-type field.
1791|
1792|_ Couldn't find a file-type field.
1793| http-grep:
1794| (1) http://www.auctionit.co.bw:80/contact/:
1795| (1) email:
1796| + adrian@auctionit.co.bw
1797| (1) http://www.auctionit.co.bw:80/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fwww.auctionit.co.bw%2F&:
1798| (1) email:
1799|_ + maxwell.dichi@gmail.com
1800| http-headers:
1801| Server: nginx
1802| Date: Fri, 07 Feb 2020 08:16:27 GMT
1803| Content-Type: text/html; charset=UTF-8
1804| Connection: close
1805| Set-Cookie: PHPSESSID=dki50349t49nnhc5c5cs4h3a27; path=/
1806| Expires: Thu, 19 Nov 1981 08:52:00 GMT
1807| Cache-Control: no-store, no-cache, must-revalidate
1808| Pragma: no-cache
1809| Link: <http://www.auctionit.co.bw/wp-json/>; rel="https://api.w.org/"
1810| Link: <http://www.auctionit.co.bw/>; rel=shortlink
1811| X-TEC-API-VERSION: v1
1812| X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
1813| X-TEC-API-ORIGIN: http://www.auctionit.co.bw
1814|
1815|_ (Request type: HEAD)
1816| http-methods:
1817|_ Supported Methods: GET HEAD POST OPTIONS
1818|_http-mobileversion-checker: No mobile version detected.
1819|_http-passwd: ERROR: Script execution failed (use -d to debug)
1820| http-robots.txt: 13 disallowed entries
1821| /calendar/action~posterboard/
1822| /calendar/action~agenda/ /calendar/action~oneday/ /calendar/action~month/
1823| /calendar/action~week/ /calendar/action~stream/
1824| /calendar/action~undefined/ /calendar/action~http:/ /calendar/action~default/
1825| /calendar/action~poster/ /calendar/action~*/
1826|_/*controller=ai1ec_exporter_controller* /*/action~*/
1827| http-security-headers:
1828| Cache_Control:
1829| Header: Cache-Control: no-store, no-cache, must-revalidate
1830| Pragma:
1831| Header: Pragma: no-cache
1832| Expires:
1833|_ Header: Expires: Thu, 19 Nov 1981 08:52:00 GMT
1834| http-sitemap-generator:
1835| Directory structure:
1836| /
1837| Other: 1; php: 1
1838| /about-us/
1839| Other: 1
1840| /auctions/
1841| Other: 1
1842| /blog/
1843| Other: 1
1844| /contact/
1845| Other: 1
1846| /event/hollard-insurance-salvage-vehicle-auction-8/
1847| Other: 1
1848| /events/
1849| Other: 1
1850| /terms-conditions/
1851| Other: 1
1852| /wp-content/themes/childtheme_auction_7/
1853| css: 1
1854| /wp-includes/js/
1855| js: 1
1856| /wp-includes/js/jquery/
1857| js: 1
1858| /wp-json/
1859| Other: 1
1860| /wp-json/oembed/1.0/
1861| Other: 1
1862| Longest directory structure:
1863| Depth: 3
1864| Dir: /wp-json/oembed/1.0/
1865| Total files found (by extension):
1866|_ Other: 10; css: 1; js: 2; php: 1
1867|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1868|_http-title: Auction It
1869|_http-trane-info: Problem with XML parsing of /evox/about
1870|_http-userdir-enum: Potential Users: test
1871| http-vhosts:
1872|_127 names had status 200
1873| http-waf-detect: IDS/IPS/WAF detected:
1874|_www.auctionit.co.bw:80/?p4yl04d3=<script>alert(document.cookie)</script>
1875| http-wordpress-brute:
1876| Accounts: No valid accounts found
1877| Statistics: Performed 0 guesses in 1 seconds, average tps: 0.0
1878|_ ERROR: The service seems to have failed or is heavily firewalled...
1879| http-wordpress-enum:
1880| Search limited to top 100 themes/plugins
1881| plugins
1882| akismet 4.0.8
1883|_ the-events-calendar 4.7.2
1884|_http-xssed: No previously reported XSS vuln.
1885Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1886Aggressive OS guesses: Linux 3.10 - 4.11 (92%), Linux 3.12 (92%), Linux 3.13 (92%), Linux 3.13 or 4.2 (92%), Linux 3.16 - 4.6 (92%), Linux 3.2 - 4.9 (92%), Linux 3.8 - 3.11 (92%), Linux 4.2 (92%), Linux 4.4 (92%), Linux 3.16 (90%)
1887No exact OS matches for host (test conditions non-ideal).
1888Uptime guess: 0.287 days (since Thu Feb 6 20:25:10 2020)
1889Network Distance: 18 hops
1890TCP Sequence Prediction: Difficulty=263 (Good luck!)
1891IP ID Sequence Generation: All zeros
1892
1893TRACEROUTE (using port 80/tcp)
1894HOP RTT ADDRESS
18951 61.56 ms 10.245.204.1
18962 91.02 ms R43.static.amanah.com (104.245.144.129)
18973 91.11 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
18984 91.10 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
18995 91.09 ms te0-9-1-9.ccr32.yyz02.atlas.cogentco.com (154.54.43.169)
19006 91.15 ms be3260.ccr22.ymq01.atlas.cogentco.com (154.54.42.90)
19017 161.57 ms be3043.ccr22.lpl01.atlas.cogentco.com (154.54.44.165)
19028 161.60 ms be2491.ccr52.lhr01.atlas.cogentco.com (154.54.39.118)
19039 161.63 ms be3488.ccr42.lon13.atlas.cogentco.com (154.54.60.13)
190410 161.63 ms be2871.ccr21.lon01.atlas.cogentco.com (154.54.58.186)
190511 120.04 ms te0-0-2-2.rcr11.b015592-1.lon01.atlas.cogentco.com (130.117.51.234)
190612 165.79 ms 149.14.80.218
190713 195.53 ms 41.191.219.221
190814 362.96 ms 41.191.216.33
190915 393.48 ms 41.191.218.28
191016 393.50 ms 41.191.216.158
191117 ...
191218 398.92 ms 154.73.84.17
1913
1914NSE: Script Post-scanning.
1915Initiating NSE at 03:18
1916Completed NSE at 03:18, 0.00s elapsed
1917Initiating NSE at 03:18
1918Completed NSE at 03:18, 0.00s elapsed
1919Read data files from: /usr/bin/../share/nmap
1920OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
1921Nmap done: 1 IP address (1 host up) scanned in 110.92 seconds
1922 Raw packets sent: 97 (7.880KB) | Rcvd: 52 (3.964KB)
1923#####################################################################################################################################
1924------------------------------------------------------------------------------------------------------------------------
1925
1926[ ! ] Starting SCANNER INURLBR 2.1 at [07-02-2020 03:18:30]
1927[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1928It is the end user's responsibility to obey all applicable local, state and federal laws.
1929Developers assume no liability and are not responsible for any misuse or damage caused by this program
1930
1931[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.auctionit.co.bw/output/inurlbr-www.auctionit.co.bw ]
1932[ INFO ][ DORK ]::[ site:www.auctionit.co.bw ]
1933[ INFO ][ SEARCHING ]:: {
1934[ INFO ][ ENGINE ]::[ GOOGLE - www.google.co.vi ]
1935
1936[ INFO ][ SEARCHING ]::
1937-[:::]
1938[ INFO ][ ENGINE ]::[ GOOGLE API ]
1939
1940[ INFO ][ SEARCHING ]::
1941-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1942[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.tr ID: 012873187529719969291:yexdhbzntue ]
1943
1944[ INFO ][ SEARCHING ]::
1945-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1946
1947[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
1948
1949
1950 _[ - ]::--------------------------------------------------------------------------------------------------------------
1951|_[ + ] [ 0 / 100 ]-[03:18:45] [ - ]
1952|_[ + ] Target:: [ http://www.auctionit.co.bw/ ]
1953|_[ + ] Exploit::
1954|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
1955|_[ + ] More details:: / - / , ISP:
1956|_[ + ] Found:: UNIDENTIFIED
1957
1958 _[ - ]::--------------------------------------------------------------------------------------------------------------
1959|_[ + ] [ 1 / 100 ]-[03:18:47] [ - ]
1960|_[ + ] Target:: [ http://www.auctionit.co.bw/faq/ ]
1961|_[ + ] Exploit::
1962|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
1963|_[ + ] More details:: / - / , ISP:
1964|_[ + ] Found:: UNIDENTIFIED
1965
1966 _[ - ]::--------------------------------------------------------------------------------------------------------------
1967|_[ + ] [ 2 / 100 ]-[03:18:49] [ - ]
1968|_[ + ] Target:: [ http://www.auctionit.co.bw/blog/ ]
1969|_[ + ] Exploit::
1970|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
1971|_[ + ] More details:: / - / , ISP:
1972|_[ + ] Found:: UNIDENTIFIED
1973
1974 _[ - ]::--------------------------------------------------------------------------------------------------------------
1975|_[ + ] [ 3 / 100 ]-[03:18:50] [ - ]
1976|_[ + ] Target:: [ http://www.auctionit.co.bw/contact/ ]
1977|_[ + ] Exploit::
1978|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
1979|_[ + ] More details:: / - / , ISP:
1980|_[ + ] Found:: UNIDENTIFIED
1981
1982 _[ - ]::--------------------------------------------------------------------------------------------------------------
1983|_[ + ] [ 4 / 100 ]-[03:18:52] [ - ]
1984|_[ + ] Target:: [ http://www.auctionit.co.bw/auctions/ ]
1985|_[ + ] Exploit::
1986|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
1987|_[ + ] More details:: / - / , ISP:
1988|_[ + ] Found:: UNIDENTIFIED
1989
1990 _[ - ]::--------------------------------------------------------------------------------------------------------------
1991|_[ + ] [ 5 / 100 ]-[03:18:54] [ - ]
1992|_[ + ] Target:: [ http://www.auctionit.co.bw/privacy/ ]
1993|_[ + ] Exploit::
1994|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
1995|_[ + ] More details:: / - / , ISP:
1996|_[ + ] Found:: UNIDENTIFIED
1997
1998 _[ - ]::--------------------------------------------------------------------------------------------------------------
1999|_[ + ] [ 6 / 100 ]-[03:18:56] [ - ]
2000|_[ + ] Target:: [ http://www.auctionit.co.bw/about-us/ ]
2001|_[ + ] Exploit::
2002|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2003|_[ + ] More details:: / - / , ISP:
2004|_[ + ] Found:: UNIDENTIFIED
2005
2006 _[ - ]::--------------------------------------------------------------------------------------------------------------
2007|_[ + ] [ 7 / 100 ]-[03:18:58] [ - ]
2008|_[ + ] Target:: [ http://www.auctionit.co.bw/terms-conditions/ ]
2009|_[ + ] Exploit::
2010|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2011|_[ + ] More details:: / - / , ISP:
2012|_[ + ] Found:: UNIDENTIFIED
2013
2014 _[ - ]::--------------------------------------------------------------------------------------------------------------
2015|_[ + ] [ 8 / 100 ]-[03:18:59] [ - ]
2016|_[ + ] Target:: [ http://www.auctionit.co.bw/category/auction/ ]
2017|_[ + ] Exploit::
2018|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2019|_[ + ] More details:: / - / , ISP:
2020|_[ + ] Found:: UNIDENTIFIED
2021
2022 _[ - ]::--------------------------------------------------------------------------------------------------------------
2023|_[ + ] [ 9 / 100 ]-[03:19:00] [ - ]
2024|_[ + ] Target:: [ http://www.auctionit.co.bw/add-listing/ ]
2025|_[ + ] Exploit::
2026|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: nginx , IP:154.73.84.17:80
2027|_[ + ] More details:: / - / , ISP:
2028|_[ + ] Found:: UNIDENTIFIED
2029
2030 _[ - ]::--------------------------------------------------------------------------------------------------------------
2031|_[ + ] [ 10 / 100 ]-[03:19:02] [ - ]
2032|_[ + ] Target:: [ http://www.auctionit.co.bw/my-account/ ]
2033|_[ + ] Exploit::
2034|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: nginx , IP:154.73.84.17:80
2035|_[ + ] More details:: / - / , ISP:
2036|_[ + ] Found:: UNIDENTIFIED
2037
2038 _[ - ]::--------------------------------------------------------------------------------------------------------------
2039|_[ + ] [ 11 / 100 ]-[03:19:03] [ - ]
2040|_[ + ] Target:: [ http://www.auctionit.co.bw/?qs=1 ]
2041|_[ + ] Exploit::
2042|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2043|_[ + ] More details:: / - / , ISP:
2044|_[ + ] Found:: UNIDENTIFIED
2045
2046 _[ - ]::--------------------------------------------------------------------------------------------------------------
2047|_[ + ] [ 12 / 100 ]-[03:19:05] [ - ]
2048|_[ + ] Target:: [ http://www.auctionit.co.bw/wp-login.php ]
2049|_[ + ] Exploit::
2050|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2051|_[ + ] More details:: / - / , ISP:
2052|_[ + ] Found:: UNIDENTIFIED
2053
2054 _[ - ]::--------------------------------------------------------------------------------------------------------------
2055|_[ + ] [ 13 / 100 ]-[03:19:06] [ - ]
2056|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-01-31/ ]
2057|_[ + ] Exploit::
2058|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2059|_[ + ] More details:: / - / , ISP:
2060|_[ + ] Found:: UNIDENTIFIED
2061
2062 _[ - ]::--------------------------------------------------------------------------------------------------------------
2063|_[ + ] [ 14 / 100 ]-[03:19:08] [ - ]
2064|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-06-29/ ]
2065|_[ + ] Exploit::
2066|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2067|_[ + ] More details:: / - / , ISP:
2068|_[ + ] Found:: UNIDENTIFIED
2069
2070 _[ - ]::--------------------------------------------------------------------------------------------------------------
2071|_[ + ] [ 15 / 100 ]-[03:19:10] [ - ]
2072|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-02-27/ ]
2073|_[ + ] Exploit::
2074|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2075|_[ + ] More details:: / - / , ISP:
2076|_[ + ] Found:: UNIDENTIFIED
2077
2078 _[ - ]::--------------------------------------------------------------------------------------------------------------
2079|_[ + ] [ 16 / 100 ]-[03:19:11] [ - ]
2080|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-08-27/ ]
2081|_[ + ] Exploit::
2082|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2083|_[ + ] More details:: / - / , ISP:
2084|_[ + ] Found:: UNIDENTIFIED
2085
2086 _[ - ]::--------------------------------------------------------------------------------------------------------------
2087|_[ + ] [ 17 / 100 ]-[03:19:13] [ - ]
2088|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-03-28/ ]
2089|_[ + ] Exploit::
2090|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2091|_[ + ] More details:: / - / , ISP:
2092|_[ + ] Found:: UNIDENTIFIED
2093
2094 _[ - ]::--------------------------------------------------------------------------------------------------------------
2095|_[ + ] [ 18 / 100 ]-[03:19:15] [ - ]
2096|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-05-23/ ]
2097|_[ + ] Exploit::
2098|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2099|_[ + ] More details:: / - / , ISP:
2100|_[ + ] Found:: UNIDENTIFIED
2101
2102 _[ - ]::--------------------------------------------------------------------------------------------------------------
2103|_[ + ] [ 19 / 100 ]-[03:19:17] [ - ]
2104|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2018-11-06/ ]
2105|_[ + ] Exploit::
2106|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2107|_[ + ] More details:: / - / , ISP:
2108|_[ + ] Found:: UNIDENTIFIED
2109
2110 _[ - ]::--------------------------------------------------------------------------------------------------------------
2111|_[ + ] [ 20 / 100 ]-[03:19:19] [ - ]
2112|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-08-28/ ]
2113|_[ + ] Exploit::
2114|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2115|_[ + ] More details:: / - / , ISP:
2116|_[ + ] Found:: UNIDENTIFIED
2117
2118 _[ - ]::--------------------------------------------------------------------------------------------------------------
2119|_[ + ] [ 21 / 100 ]-[03:19:20] [ - ]
2120|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-08-01/ ]
2121|_[ + ] Exploit::
2122|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2123|_[ + ] More details:: / - / , ISP:
2124|_[ + ] Found:: UNIDENTIFIED
2125
2126 _[ - ]::--------------------------------------------------------------------------------------------------------------
2127|_[ + ] [ 22 / 100 ]-[03:19:22] [ - ]
2128|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-08-29/ ]
2129|_[ + ] Exploit::
2130|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2131|_[ + ] More details:: / - / , ISP:
2132|_[ + ] Found:: UNIDENTIFIED
2133
2134 _[ - ]::--------------------------------------------------------------------------------------------------------------
2135|_[ + ] [ 23 / 100 ]-[03:19:24] [ - ]
2136|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2018-12-06/ ]
2137|_[ + ] Exploit::
2138|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2139|_[ + ] More details:: / - / , ISP:
2140|_[ + ] Found:: UNIDENTIFIED
2141
2142 _[ - ]::--------------------------------------------------------------------------------------------------------------
2143|_[ + ] [ 24 / 100 ]-[03:19:26] [ - ]
2144|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-07-27/ ]
2145|_[ + ] Exploit::
2146|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2147|_[ + ] More details:: / - / , ISP:
2148|_[ + ] Found:: UNIDENTIFIED
2149
2150 _[ - ]::--------------------------------------------------------------------------------------------------------------
2151|_[ + ] [ 25 / 100 ]-[03:19:27] [ - ]
2152|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2018-10-24/ ]
2153|_[ + ] Exploit::
2154|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2155|_[ + ] More details:: / - / , ISP:
2156|_[ + ] Found:: UNIDENTIFIED
2157
2158 _[ - ]::--------------------------------------------------------------------------------------------------------------
2159|_[ + ] [ 26 / 100 ]-[03:19:29] [ - ]
2160|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-07-30/ ]
2161|_[ + ] Exploit::
2162|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2163|_[ + ] More details:: / - / , ISP:
2164|_[ + ] Found:: UNIDENTIFIED
2165
2166 _[ - ]::--------------------------------------------------------------------------------------------------------------
2167|_[ + ] [ 27 / 100 ]-[03:19:31] [ - ]
2168|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2018-12-05/ ]
2169|_[ + ] Exploit::
2170|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2171|_[ + ] More details:: / - / , ISP:
2172|_[ + ] Found:: UNIDENTIFIED
2173
2174 _[ - ]::--------------------------------------------------------------------------------------------------------------
2175|_[ + ] [ 28 / 100 ]-[03:19:32] [ - ]
2176|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-06-25/ ]
2177|_[ + ] Exploit::
2178|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2179|_[ + ] More details:: / - / , ISP:
2180|_[ + ] Found:: UNIDENTIFIED
2181
2182 _[ - ]::--------------------------------------------------------------------------------------------------------------
2183|_[ + ] [ 29 / 100 ]-[03:19:34] [ - ]
2184|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-01-30/ ]
2185|_[ + ] Exploit::
2186|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2187|_[ + ] More details:: / - / , ISP:
2188|_[ + ] Found:: UNIDENTIFIED
2189
2190 _[ - ]::--------------------------------------------------------------------------------------------------------------
2191|_[ + ] [ 30 / 100 ]-[03:19:36] [ - ]
2192|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-06-27/ ]
2193|_[ + ] Exploit::
2194|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2195|_[ + ] More details:: / - / , ISP:
2196|_[ + ] Found:: UNIDENTIFIED
2197
2198 _[ - ]::--------------------------------------------------------------------------------------------------------------
2199|_[ + ] [ 31 / 100 ]-[03:19:37] [ - ]
2200|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-03-27/ ]
2201|_[ + ] Exploit::
2202|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2203|_[ + ] More details:: / - / , ISP:
2204|_[ + ] Found:: UNIDENTIFIED
2205
2206 _[ - ]::--------------------------------------------------------------------------------------------------------------
2207|_[ + ] [ 32 / 100 ]-[03:19:39] [ - ]
2208|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-02-26/ ]
2209|_[ + ] Exploit::
2210|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2211|_[ + ] More details:: / - / , ISP:
2212|_[ + ] Found:: UNIDENTIFIED
2213
2214 _[ - ]::--------------------------------------------------------------------------------------------------------------
2215|_[ + ] [ 33 / 100 ]-[03:19:41] [ - ]
2216|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-06-26/ ]
2217|_[ + ] Exploit::
2218|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2219|_[ + ] More details:: / - / , ISP:
2220|_[ + ] Found:: UNIDENTIFIED
2221
2222 _[ - ]::--------------------------------------------------------------------------------------------------------------
2223|_[ + ] [ 34 / 100 ]-[03:19:43] [ - ]
2224|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-07-31/ ]
2225|_[ + ] Exploit::
2226|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2227|_[ + ] More details:: / - / , ISP:
2228|_[ + ] Found:: UNIDENTIFIED
2229
2230 _[ - ]::--------------------------------------------------------------------------------------------------------------
2231|_[ + ] [ 35 / 100 ]-[03:19:45] [ - ]
2232|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-02-28/ ]
2233|_[ + ] Exploit::
2234|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2235|_[ + ] More details:: / - / , ISP:
2236|_[ + ] Found:: UNIDENTIFIED
2237
2238 _[ - ]::--------------------------------------------------------------------------------------------------------------
2239|_[ + ] [ 36 / 100 ]-[03:19:46] [ - ]
2240|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-01-29/ ]
2241|_[ + ] Exploit::
2242|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2243|_[ + ] More details:: / - / , ISP:
2244|_[ + ] Found:: UNIDENTIFIED
2245
2246 _[ - ]::--------------------------------------------------------------------------------------------------------------
2247|_[ + ] [ 37 / 100 ]-[03:19:48] [ - ]
2248|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2018-11-07/ ]
2249|_[ + ] Exploit::
2250|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2251|_[ + ] More details:: / - / , ISP:
2252|_[ + ] Found:: UNIDENTIFIED
2253
2254 _[ - ]::--------------------------------------------------------------------------------------------------------------
2255|_[ + ] [ 38 / 100 ]-[03:19:50] [ - ]
2256|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-05-28/ ]
2257|_[ + ] Exploit::
2258|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2259|_[ + ] More details:: / - / , ISP:
2260|_[ + ] Found:: UNIDENTIFIED
2261
2262 _[ - ]::--------------------------------------------------------------------------------------------------------------
2263|_[ + ] [ 39 / 100 ]-[03:19:51] [ - ]
2264|_[ + ] Target:: [ http://www.auctionit.co.bw/events/2019-03-26/ ]
2265|_[ + ] Exploit::
2266|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2267|_[ + ] More details:: / - / , ISP:
2268|_[ + ] Found:: UNIDENTIFIED
2269
2270 _[ - ]::--------------------------------------------------------------------------------------------------------------
2271|_[ + ] [ 40 / 100 ]-[03:19:53] [ - ]
2272|_[ + ] Target:: [ http://www.auctionit.co.bw/event/condom-manufacturing-plant-auction/ ]
2273|_[ + ] Exploit::
2274|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2275|_[ + ] More details:: / - / , ISP:
2276|_[ + ] Found:: UNIDENTIFIED
2277
2278 _[ - ]::--------------------------------------------------------------------------------------------------------------
2279|_[ + ] [ 41 / 100 ]-[03:19:55] [ - ]
2280|_[ + ] Target:: [ http://www.auctionit.co.bw/event/furniture-and-appliances-auction/ ]
2281|_[ + ] Exploit::
2282|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2283|_[ + ] More details:: / - / , ISP:
2284|_[ + ] Found:: UNIDENTIFIED
2285
2286 _[ - ]::--------------------------------------------------------------------------------------------------------------
2287|_[ + ] [ 42 / 100 ]-[03:19:56] [ - ]
2288|_[ + ] Target:: [ http://www.auctionit.co.bw/wp-login.php?action=register ]
2289|_[ + ] Exploit::
2290|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2291|_[ + ] More details:: / - / , ISP:
2292|_[ + ] Found:: UNIDENTIFIED
2293
2294 _[ - ]::--------------------------------------------------------------------------------------------------------------
2295|_[ + ] [ 43 / 100 ]-[03:19:58] [ - ]
2296|_[ + ] Target:: [ http://www.auctionit.co.bw/wp-login.php?registration=disabled ]
2297|_[ + ] Exploit::
2298|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2299|_[ + ] More details:: / - / , ISP:
2300|_[ + ] Found:: UNIDENTIFIED
2301
2302 _[ - ]::--------------------------------------------------------------------------------------------------------------
2303|_[ + ] [ 44 / 100 ]-[03:20:00] [ - ]
2304|_[ + ] Target:: [ http://www.auctionit.co.bw/wp-login.php?action=lostpassword ]
2305|_[ + ] Exploit::
2306|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2307|_[ + ] More details:: / - / , ISP:
2308|_[ + ] Found:: UNIDENTIFIED
2309
2310 _[ - ]::--------------------------------------------------------------------------------------------------------------
2311|_[ + ] [ 45 / 100 ]-[03:20:01] [ - ]
2312|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-05-23/ ]
2313|_[ + ] Exploit::
2314|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2315|_[ + ] More details:: / - / , ISP:
2316|_[ + ] Found:: UNIDENTIFIED
2317
2318 _[ - ]::--------------------------------------------------------------------------------------------------------------
2319|_[ + ] [ 46 / 100 ]-[03:20:03] [ - ]
2320|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-08-28/ ]
2321|_[ + ] Exploit::
2322|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2323|_[ + ] More details:: / - / , ISP:
2324|_[ + ] Found:: UNIDENTIFIED
2325
2326 _[ - ]::--------------------------------------------------------------------------------------------------------------
2327|_[ + ] [ 47 / 100 ]-[03:20:05] [ - ]
2328|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-06-27/ ]
2329|_[ + ] Exploit::
2330|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2331|_[ + ] More details:: / - / , ISP:
2332|_[ + ] Found:: UNIDENTIFIED
2333
2334 _[ - ]::--------------------------------------------------------------------------------------------------------------
2335|_[ + ] [ 48 / 100 ]-[03:20:07] [ - ]
2336|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-06-25/ ]
2337|_[ + ] Exploit::
2338|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2339|_[ + ] More details:: / - / , ISP:
2340|_[ + ] Found:: UNIDENTIFIED
2341
2342 _[ - ]::--------------------------------------------------------------------------------------------------------------
2343|_[ + ] [ 49 / 100 ]-[03:20:08] [ - ]
2344|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-05-28/ ]
2345|_[ + ] Exploit::
2346|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2347|_[ + ] More details:: / - / , ISP:
2348|_[ + ] Found:: UNIDENTIFIED
2349
2350 _[ - ]::--------------------------------------------------------------------------------------------------------------
2351|_[ + ] [ 50 / 100 ]-[03:20:10] [ - ]
2352|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2018-12-06/ ]
2353|_[ + ] Exploit::
2354|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2355|_[ + ] More details:: / - / , ISP:
2356|_[ + ] Found:: UNIDENTIFIED
2357
2358 _[ - ]::--------------------------------------------------------------------------------------------------------------
2359|_[ + ] [ 51 / 100 ]-[03:20:12] [ - ]
2360|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-02-28/ ]
2361|_[ + ] Exploit::
2362|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2363|_[ + ] More details:: / - / , ISP:
2364|_[ + ] Found:: UNIDENTIFIED
2365
2366 _[ - ]::--------------------------------------------------------------------------------------------------------------
2367|_[ + ] [ 52 / 100 ]-[03:20:14] [ - ]
2368|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-06-26/ ]
2369|_[ + ] Exploit::
2370|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2371|_[ + ] More details:: / - / , ISP:
2372|_[ + ] Found:: UNIDENTIFIED
2373
2374 _[ - ]::--------------------------------------------------------------------------------------------------------------
2375|_[ + ] [ 53 / 100 ]-[03:20:15] [ - ]
2376|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-07-30/ ]
2377|_[ + ] Exploit::
2378|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2379|_[ + ] More details:: / - / , ISP:
2380|_[ + ] Found:: UNIDENTIFIED
2381
2382 _[ - ]::--------------------------------------------------------------------------------------------------------------
2383|_[ + ] [ 54 / 100 ]-[03:20:17] [ - ]
2384|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-03-28/ ]
2385|_[ + ] Exploit::
2386|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2387|_[ + ] More details:: / - / , ISP:
2388|_[ + ] Found:: UNIDENTIFIED
2389
2390 _[ - ]::--------------------------------------------------------------------------------------------------------------
2391|_[ + ] [ 55 / 100 ]-[03:20:19] [ - ]
2392|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction/ ]
2393|_[ + ] Exploit::
2394|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2395|_[ + ] More details:: / - / , ISP:
2396|_[ + ] Found:: UNIDENTIFIED
2397
2398 _[ - ]::--------------------------------------------------------------------------------------------------------------
2399|_[ + ] [ 56 / 100 ]-[03:20:21] [ - ]
2400|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-07-27/ ]
2401|_[ + ] Exploit::
2402|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2403|_[ + ] More details:: / - / , ISP:
2404|_[ + ] Found:: UNIDENTIFIED
2405
2406 _[ - ]::--------------------------------------------------------------------------------------------------------------
2407|_[ + ] [ 57 / 100 ]-[03:20:23] [ - ]
2408|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-06-29/ ]
2409|_[ + ] Exploit::
2410|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2411|_[ + ] More details:: / - / , ISP:
2412|_[ + ] Found:: UNIDENTIFIED
2413
2414 _[ - ]::--------------------------------------------------------------------------------------------------------------
2415|_[ + ] [ 58 / 100 ]-[03:20:24] [ - ]
2416|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-08-01/ ]
2417|_[ + ] Exploit::
2418|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2419|_[ + ] More details:: / - / , ISP:
2420|_[ + ] Found:: UNIDENTIFIED
2421
2422 _[ - ]::--------------------------------------------------------------------------------------------------------------
2423|_[ + ] [ 59 / 100 ]-[03:20:26] [ - ]
2424|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2018-12-05/ ]
2425|_[ + ] Exploit::
2426|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2427|_[ + ] More details:: / - / , ISP:
2428|_[ + ] Found:: UNIDENTIFIED
2429
2430 _[ - ]::--------------------------------------------------------------------------------------------------------------
2431|_[ + ] [ 60 / 100 ]-[03:20:28] [ - ]
2432|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-07-31/ ]
2433|_[ + ] Exploit::
2434|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2435|_[ + ] More details:: / - / , ISP:
2436|_[ + ] Found:: UNIDENTIFIED
2437
2438 _[ - ]::--------------------------------------------------------------------------------------------------------------
2439|_[ + ] [ 61 / 100 ]-[03:20:30] [ - ]
2440|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2018-11-07/ ]
2441|_[ + ] Exploit::
2442|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2443|_[ + ] More details:: / - / , ISP:
2444|_[ + ] Found:: UNIDENTIFIED
2445
2446 _[ - ]::--------------------------------------------------------------------------------------------------------------
2447|_[ + ] [ 62 / 100 ]-[03:20:31] [ - ]
2448|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-08-27/ ]
2449|_[ + ] Exploit::
2450|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2451|_[ + ] More details:: / - / , ISP:
2452|_[ + ] Found:: UNIDENTIFIED
2453
2454 _[ - ]::--------------------------------------------------------------------------------------------------------------
2455|_[ + ] [ 63 / 100 ]-[03:20:33] [ - ]
2456|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2019-08-29/ ]
2457|_[ + ] Exploit::
2458|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2459|_[ + ] More details:: / - / , ISP:
2460|_[ + ] Found:: UNIDENTIFIED
2461
2462 _[ - ]::--------------------------------------------------------------------------------------------------------------
2463|_[ + ] [ 64 / 100 ]-[03:20:35] [ - ]
2464|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2018-11-06/ ]
2465|_[ + ] Exploit::
2466|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2467|_[ + ] More details:: / - / , ISP:
2468|_[ + ] Found:: UNIDENTIFIED
2469
2470 _[ - ]::--------------------------------------------------------------------------------------------------------------
2471|_[ + ] [ 65 / 100 ]-[03:20:37] [ - ]
2472|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/2018-10-24/ ]
2473|_[ + ] Exploit::
2474|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2475|_[ + ] More details:: / - / , ISP:
2476|_[ + ] Found:: UNIDENTIFIED
2477
2478 _[ - ]::--------------------------------------------------------------------------------------------------------------
2479|_[ + ] [ 66 / 100 ]-[03:20:38] [ - ]
2480|_[ + ] Target:: [ http://www.auctionit.co.bw/?core_aj=1&action=registerform ]
2481|_[ + ] Exploit::
2482|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2483|_[ + ] More details:: / - / , ISP:
2484|_[ + ] Found:: UNIDENTIFIED
2485
2486 _[ - ]::--------------------------------------------------------------------------------------------------------------
2487|_[ + ] [ 67 / 100 ]-[03:20:40] [ - ]
2488|_[ + ] Target:: [ http://www.auctionit.co.bw/events/list/?tribe_event_display=past&tribe_paged=2 ]
2489|_[ + ] Exploit::
2490|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2491|_[ + ] More details:: / - / , ISP:
2492|_[ + ] Found:: UNIDENTIFIED
2493
2494 _[ - ]::--------------------------------------------------------------------------------------------------------------
2495|_[ + ] [ 68 / 100 ]-[03:20:41] [ - ]
2496|_[ + ] Target:: [ http://www.auctionit.co.bw/?core_aj=1&action=loginform ]
2497|_[ + ] Exploit::
2498|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2499|_[ + ] More details:: / - / , ISP:
2500|_[ + ] Found:: UNIDENTIFIED
2501
2502 _[ - ]::--------------------------------------------------------------------------------------------------------------
2503|_[ + ] [ 69 / 100 ]-[03:20:43] [ - ]
2504|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-6/ ]
2505|_[ + ] Exploit::
2506|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2507|_[ + ] More details:: / - / , ISP:
2508|_[ + ] Found:: UNIDENTIFIED
2509
2510 _[ - ]::--------------------------------------------------------------------------------------------------------------
2511|_[ + ] [ 70 / 100 ]-[03:20:45] [ - ]
2512|_[ + ] Target:: [ http://www.auctionit.co.bw/events/list/?tribe_event_display=past&tribe_paged=1 ]
2513|_[ + ] Exploit::
2514|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2515|_[ + ] More details:: / - / , ISP:
2516|_[ + ] Found:: UNIDENTIFIED
2517
2518 _[ - ]::--------------------------------------------------------------------------------------------------------------
2519|_[ + ] [ 71 / 100 ]-[03:20:47] [ - ]
2520|_[ + ] Target:: [ http://www.auctionit.co.bw/events/list/?tribe_event_display=past&tribe_paged=3 ]
2521|_[ + ] Exploit::
2522|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2523|_[ + ] More details:: / - / , ISP:
2524|_[ + ] Found:: UNIDENTIFIED
2525
2526 _[ - ]::--------------------------------------------------------------------------------------------------------------
2527|_[ + ] [ 72 / 100 ]-[03:20:49] [ - ]
2528|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-7/ ]
2529|_[ + ] Exploit::
2530|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2531|_[ + ] More details:: / - / , ISP:
2532|_[ + ] Found:: UNIDENTIFIED
2533
2534 _[ - ]::--------------------------------------------------------------------------------------------------------------
2535|_[ + ] [ 73 / 100 ]-[03:20:50] [ - ]
2536|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-4/ ]
2537|_[ + ] Exploit::
2538|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2539|_[ + ] More details:: / - / , ISP:
2540|_[ + ] Found:: UNIDENTIFIED
2541
2542 _[ - ]::--------------------------------------------------------------------------------------------------------------
2543|_[ + ] [ 74 / 100 ]-[03:20:52] [ - ]
2544|_[ + ] Target:: [ http://www.auctionit.co.bw/2018/07/29/example-blog-post-6/ ]
2545|_[ + ] Exploit::
2546|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2547|_[ + ] More details:: / - / , ISP:
2548|_[ + ] Found:: UNIDENTIFIED
2549
2550 _[ - ]::--------------------------------------------------------------------------------------------------------------
2551|_[ + ] [ 75 / 100 ]-[03:20:54] [ - ]
2552|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-5/ ]
2553|_[ + ] Exploit::
2554|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2555|_[ + ] More details:: / - / , ISP:
2556|_[ + ] Found:: UNIDENTIFIED
2557
2558 _[ - ]::--------------------------------------------------------------------------------------------------------------
2559|_[ + ] [ 76 / 100 ]-[03:20:56] [ - ]
2560|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-3/ ]
2561|_[ + ] Exploit::
2562|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2563|_[ + ] More details:: / - / , ISP:
2564|_[ + ] Found:: UNIDENTIFIED
2565
2566 _[ - ]::--------------------------------------------------------------------------------------------------------------
2567|_[ + ] [ 77 / 100 ]-[03:20:57] [ - ]
2568|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-2/ ]
2569|_[ + ] Exploit::
2570|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2571|_[ + ] More details:: / - / , ISP:
2572|_[ + ] Found:: UNIDENTIFIED
2573
2574 _[ - ]::--------------------------------------------------------------------------------------------------------------
2575|_[ + ] [ 78 / 100 ]-[03:20:59] [ - ]
2576|_[ + ] Target:: [ http://www.auctionit.co.bw/2018/07/29/example-blog-post-8/ ]
2577|_[ + ] Exploit::
2578|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2579|_[ + ] More details:: / - / , ISP:
2580|_[ + ] Found:: UNIDENTIFIED
2581
2582 _[ - ]::--------------------------------------------------------------------------------------------------------------
2583|_[ + ] [ 79 / 100 ]-[03:21:01] [ - ]
2584|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction/ ]
2585|_[ + ] Exploit::
2586|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2587|_[ + ] More details:: / - / , ISP:
2588|_[ + ] Found:: UNIDENTIFIED
2589
2590 _[ - ]::--------------------------------------------------------------------------------------------------------------
2591|_[ + ] [ 80 / 100 ]-[03:21:03] [ - ]
2592|_[ + ] Target:: [ http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-8/ ]
2593|_[ + ] Exploit::
2594|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2595|_[ + ] More details:: / - / , ISP:
2596|_[ + ] Found:: UNIDENTIFIED
2597
2598 _[ - ]::--------------------------------------------------------------------------------------------------------------
2599|_[ + ] [ 81 / 100 ]-[03:21:05] [ - ]
2600|_[ + ] Target:: [ http://www.auctionit.co.bw/2018/07/29/example-blog-post-7/ ]
2601|_[ + ] Exploit::
2602|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2603|_[ + ] More details:: / - / , ISP:
2604|_[ + ] Found:: UNIDENTIFIED
2605
2606 _[ - ]::--------------------------------------------------------------------------------------------------------------
2607|_[ + ] [ 82 / 100 ]-[03:21:07] [ - ]
2608|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-6/ ]
2609|_[ + ] Exploit::
2610|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2611|_[ + ] More details:: / - / , ISP:
2612|_[ + ] Found:: UNIDENTIFIED
2613
2614 _[ - ]::--------------------------------------------------------------------------------------------------------------
2615|_[ + ] [ 83 / 100 ]-[03:21:08] [ - ]
2616|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-7/ ]
2617|_[ + ] Exploit::
2618|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2619|_[ + ] More details:: / - / , ISP:
2620|_[ + ] Found:: UNIDENTIFIED
2621
2622 _[ - ]::--------------------------------------------------------------------------------------------------------------
2623|_[ + ] [ 84 / 100 ]-[03:21:10] [ - ]
2624|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-5/ ]
2625|_[ + ] Exploit::
2626|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2627|_[ + ] More details:: / - / , ISP:
2628|_[ + ] Found:: UNIDENTIFIED
2629
2630 _[ - ]::--------------------------------------------------------------------------------------------------------------
2631|_[ + ] [ 85 / 100 ]-[03:21:12] [ - ]
2632|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-3/ ]
2633|_[ + ] Exploit::
2634|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2635|_[ + ] More details:: / - / , ISP:
2636|_[ + ] Found:: UNIDENTIFIED
2637
2638 _[ - ]::--------------------------------------------------------------------------------------------------------------
2639|_[ + ] [ 86 / 100 ]-[03:21:14] [ - ]
2640|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-8/ ]
2641|_[ + ] Exploit::
2642|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2643|_[ + ] More details:: / - / , ISP:
2644|_[ + ] Found:: UNIDENTIFIED
2645
2646 _[ - ]::--------------------------------------------------------------------------------------------------------------
2647|_[ + ] [ 87 / 100 ]-[03:21:15] [ - ]
2648|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-2/ ]
2649|_[ + ] Exploit::
2650|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2651|_[ + ] More details:: / - / , ISP:
2652|_[ + ] Found:: UNIDENTIFIED
2653
2654 _[ - ]::--------------------------------------------------------------------------------------------------------------
2655|_[ + ] [ 88 / 100 ]-[03:21:17] [ - ]
2656|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction/ ]
2657|_[ + ] Exploit::
2658|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2659|_[ + ] More details:: / - / , ISP:
2660|_[ + ] Found:: UNIDENTIFIED
2661
2662 _[ - ]::--------------------------------------------------------------------------------------------------------------
2663|_[ + ] [ 89 / 100 ]-[03:21:19] [ - ]
2664|_[ + ] Target:: [ http://www.auctionit.co.bw/event/botswana-insurance-company-salvage-vehicle-auction-4/ ]
2665|_[ + ] Exploit::
2666|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2667|_[ + ] More details:: / - / , ISP:
2668|_[ + ] Found:: UNIDENTIFIED
2669
2670 _[ - ]::--------------------------------------------------------------------------------------------------------------
2671|_[ + ] [ 90 / 100 ]-[03:21:21] [ - ]
2672|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/list/?tribe_event_display=past&tribe_paged=2 ]
2673|_[ + ] Exploit::
2674|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2675|_[ + ] More details:: / - / , ISP:
2676|_[ + ] Found:: UNIDENTIFIED
2677
2678 _[ - ]::--------------------------------------------------------------------------------------------------------------
2679|_[ + ] [ 91 / 100 ]-[03:21:23] [ - ]
2680|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/list/?tribe_event_display=past&tribe_paged=1 ]
2681|_[ + ] Exploit::
2682|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2683|_[ + ] More details:: / - / , ISP:
2684|_[ + ] Found:: UNIDENTIFIED
2685
2686 _[ - ]::--------------------------------------------------------------------------------------------------------------
2687|_[ + ] [ 92 / 100 ]-[03:21:25] [ - ]
2688|_[ + ] Target:: [ http://www.auctionit.co.bw/events/category/auction/list/?tribe_event_display=list&tribe_paged=1 ]
2689|_[ + ] Exploit::
2690|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2691|_[ + ] More details:: / - / , ISP:
2692|_[ + ] Found:: UNIDENTIFIED
2693
2694 _[ - ]::--------------------------------------------------------------------------------------------------------------
2695|_[ + ] [ 93 / 100 ]-[03:21:27] [ - ]
2696|_[ + ] Target:: [ http://www.auctionit.co.bw/event/b-u-a-n-furniture-and-appliances-auction/ ]
2697|_[ + ] Exploit::
2698|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2699|_[ + ] More details:: / - / , ISP:
2700|_[ + ] Found:: UNIDENTIFIED
2701
2702 _[ - ]::--------------------------------------------------------------------------------------------------------------
2703|_[ + ] [ 94 / 100 ]-[03:21:28] [ - ]
2704|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction-7/ ]
2705|_[ + ] Exploit::
2706|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2707|_[ + ] More details:: / - / , ISP:
2708|_[ + ] Found:: UNIDENTIFIED
2709
2710 _[ - ]::--------------------------------------------------------------------------------------------------------------
2711|_[ + ] [ 95 / 100 ]-[03:21:30] [ - ]
2712|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction-2/ ]
2713|_[ + ] Exploit::
2714|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2715|_[ + ] More details:: / - / , ISP:
2716|_[ + ] Found:: UNIDENTIFIED
2717
2718 _[ - ]::--------------------------------------------------------------------------------------------------------------
2719|_[ + ] [ 96 / 100 ]-[03:21:32] [ - ]
2720|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction-8/ ]
2721|_[ + ] Exploit::
2722|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2723|_[ + ] More details:: / - / , ISP:
2724|_[ + ] Found:: UNIDENTIFIED
2725
2726 _[ - ]::--------------------------------------------------------------------------------------------------------------
2727|_[ + ] [ 97 / 100 ]-[03:21:34] [ - ]
2728|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction-5/ ]
2729|_[ + ] Exploit::
2730|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2731|_[ + ] More details:: / - / , ISP:
2732|_[ + ] Found:: UNIDENTIFIED
2733
2734 _[ - ]::--------------------------------------------------------------------------------------------------------------
2735|_[ + ] [ 98 / 100 ]-[03:21:36] [ - ]
2736|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction-4/ ]
2737|_[ + ] Exploit::
2738|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2739|_[ + ] More details:: / - / , ISP:
2740|_[ + ] Found:: UNIDENTIFIED
2741
2742 _[ - ]::--------------------------------------------------------------------------------------------------------------
2743|_[ + ] [ 99 / 100 ]-[03:21:37] [ - ]
2744|_[ + ] Target:: [ http://www.auctionit.co.bw/event/bank-repossessed-and-insurance-salvage-vehicle-auction-3/ ]
2745|_[ + ] Exploit::
2746|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:154.73.84.17:80
2747|_[ + ] More details:: / - / , ISP:
2748|_[ + ] Found:: UNIDENTIFIED
2749
2750[ INFO ] [ Shutting down ]
2751[ INFO ] [ End of process INURLBR at [07-02-2020 03:21:37]
2752[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
2753[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.auctionit.co.bw/output/inurlbr-www.auctionit.co.bw ]
2754|_________________________________________________________________________________________
2755
2756\_________________________________________________________________________________________/
2757#######################################################################################################################################
2758Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:21 EST
2759NSE: Loaded 57 scripts for scanning.
2760NSE: Script Pre-scanning.
2761Initiating NSE at 03:21
2762Completed NSE at 03:21, 0.00s elapsed
2763Initiating NSE at 03:21
2764Completed NSE at 03:21, 0.00s elapsed
2765Initiating Parallel DNS resolution of 1 host. at 03:21
2766Completed Parallel DNS resolution of 1 host. at 03:21, 0.02s elapsed
2767Initiating SYN Stealth Scan at 03:21
2768Scanning www.auctionit.co.bw (154.73.84.17) [1 port]
2769Discovered open port 3306/tcp on 154.73.84.17
2770Completed SYN Stealth Scan at 03:21, 0.37s elapsed (1 total ports)
2771Initiating Service scan at 03:21
2772Scanning 1 service on www.auctionit.co.bw (154.73.84.17)
2773Completed Service scan at 03:21, 0.63s elapsed (1 service on 1 host)
2774Initiating OS detection (try #1) against www.auctionit.co.bw (154.73.84.17)
2775Retrying OS detection (try #2) against www.auctionit.co.bw (154.73.84.17)
2776Initiating Traceroute at 03:21
2777Completed Traceroute at 03:21, 3.15s elapsed
2778Initiating Parallel DNS resolution of 17 hosts. at 03:21
2779Completed Parallel DNS resolution of 17 hosts. at 03:21, 0.25s elapsed
2780NSE: Script scanning 154.73.84.17.
2781Initiating NSE at 03:21
2782NSE Timing: About 74.12% done; ETC: 03:23 (0:00:30 remaining)
2783Completed NSE at 03:23, 91.12s elapsed
2784Initiating NSE at 03:23
2785Completed NSE at 03:23, 0.05s elapsed
2786Nmap scan report for www.auctionit.co.bw (154.73.84.17)
2787Host is up (0.34s latency).
2788
2789PORT STATE SERVICE VERSION
27903306/tcp open mysql MySQL 5.7.27-0ubuntu0.16.04.1
2791| mysql-enum:
2792| Valid usernames:
2793| root:<empty> - Valid credentials
2794| user:<empty> - Valid credentials
2795| netadmin:<empty> - Valid credentials
2796| guest:<empty> - Valid credentials
2797| web:<empty> - Valid credentials
2798| sysadmin:<empty> - Valid credentials
2799| administrator:<empty> - Valid credentials
2800| webadmin:<empty> - Valid credentials
2801| admin:<empty> - Valid credentials
2802| test:<empty> - Valid credentials
2803|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
2804| mysql-info:
2805| Protocol: 10
2806| Version: 5.7.27-0ubuntu0.16.04.1
2807| Thread ID: 3619
2808| Capabilities flags: 63487
2809| Some Capabilities: ConnectWithDatabase, InteractiveClient, Support41Auth, IgnoreSpaceBeforeParenthesis, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, ODBCClient, LongPassword, FoundRows, LongColumnFlag, Speaks41ProtocolNew, SupportsCompression, SupportsLoadDataLocal, DontAllowDatabaseTableColumn, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
2810| Status: Autocommit
2811| Salt: wR.o\x08qp.Bs}x3\x05\x1CR\x0E \x1Fr
2812|_ Auth Plugin Name: mysql_native_password
2813| vulners:
2814| MySQL 5.7.27-0ubuntu0.16.04.1:
2815|_ NODEJS:602 0.0 https://vulners.com/nodejs/NODEJS:602
2816Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2817Aggressive OS guesses: Linux 3.10 - 4.11 (92%), Linux 3.13 (92%), Linux 3.16 (92%), Linux 3.2 - 4.9 (92%), Linux 4.2 (92%), Linux 3.13 or 4.2 (90%), Linux 3.16 - 4.6 (90%), Linux 3.18 (90%), Linux 4.4 (90%), Linux 4.8 (90%)
2818No exact OS matches for host (test conditions non-ideal).
2819Uptime guess: 0.275 days (since Thu Feb 6 20:47:15 2020)
2820Network Distance: 18 hops
2821TCP Sequence Prediction: Difficulty=251 (Good luck!)
2822IP ID Sequence Generation: All zeros
2823
2824TRACEROUTE (using port 3306/tcp)
2825HOP RTT ADDRESS
28261 103.63 ms 10.245.204.1
28272 133.40 ms R43.static.amanah.com (104.245.144.129)
28283 133.48 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
28294 133.51 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
28305 133.48 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
28316 133.55 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
28327 181.16 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
28338 211.98 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149)
28349 212.04 ms be3487.ccr41.lon13.atlas.cogentco.com (154.54.60.5)
283510 133.68 ms be2870.ccr22.lon01.atlas.cogentco.com (154.54.58.174)
283611 129.85 ms te0-0-2-0.rcr11.b015592-1.lon01.atlas.cogentco.com (130.117.50.98)
283712 153.62 ms 149.14.80.218
283813 183.54 ms 41.191.219.221
283914 350.80 ms 41.191.216.33
284015 387.85 ms 41.191.218.28
284116 387.79 ms 41.191.216.158
284217 ...
284318 347.28 ms 154.73.84.17
2844
2845NSE: Script Post-scanning.
2846Initiating NSE at 03:23
2847Completed NSE at 03:23, 0.05s elapsed
2848Initiating NSE at 03:23
2849Completed NSE at 03:23, 0.05s elapsed
2850######################################################################################################################################
2851+------------+------------------------------------+--------------------------------------------------+-----------+-----------+
2852| App Name | URL to Application | Potential Exploit | Username | Password |
2853+------------+------------------------------------+--------------------------------------------------+-----------+-----------+
2854| phpMyAdmin | http://154.73.84.17:80/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2855+------------+------------------------------------+--------------------------------------------------+-----------+-----------+
2856######################################################################################################################################
2857Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:34 EST
2858Nmap scan report for 154.73.84.17
2859Host is up (0.31s latency).
2860Not shown: 990 filtered ports
2861PORT STATE SERVICE VERSION
286221/tcp open ftp vsftpd 3.0.3
2863| vulscan: VulDB - https://vuldb.com:
2864| [68991] vsftpd 3.0.2 deny_file unknown vulnerability
2865|
2866| MITRE CVE - https://cve.mitre.org:
2867| [CVE-2012-2127] fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespaces to isolate clients, as demonstrated by vsftpd.
2868| [CVE-2008-2375] Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
2869|
2870| SecurityFocus - https://www.securityfocus.com/bid/:
2871| [82285] Vsftpd CVE-2004-0042 Remote Security Vulnerability
2872| [72451] vsftpd CVE-2015-1419 Security Bypass Vulnerability
2873| [51013] vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability
2874| [48539] vsftpd Compromised Source Packages Backdoor Vulnerability
2875| [46617] vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
2876| [41443] Vsftpd Webmin Module Multiple Unspecified Vulnerabilities
2877| [30364] vsftpd FTP Server Pluggable Authentication Module (PAM) Remote Denial of Service Vulnerability
2878| [29322] vsftpd FTP Server 'deny_file' Option Remote Denial of Service Vulnerability
2879| [10394] Vsftpd Listener Denial of Service Vulnerability
2880| [7253] Red Hat Linux 9 vsftpd Compiling Error Weakness
2881|
2882| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2883| [68366] vsftpd package backdoor
2884| [65873] vsftpd vsf_filename_passes_filter denial of service
2885| [55148] VSFTPD-WEBMIN-MODULE unknown unspecified
2886| [43685] vsftpd authentication attempts denial of service
2887| [42593] vsftpd deny_file denial of service
2888| [16222] vsftpd connection denial of service
2889| [14844] vsftpd message allows attacker to obtain username
2890| [11729] Red Hat Linux vsftpd FTP daemon tcp_wrapper could allow an attacker to gain access to server
2891|
2892| Exploit-DB - https://www.exploit-db.com:
2893| [17491] VSFTPD 2.3.4 - Backdoor Command Execution
2894| [16270] vsftpd 2.3.2 - Denial of Service Vulnerability
2895| [5814] vsftpd 2.0.5 (CWD) Remote Memory Consumption Exploit (post auth)
2896|
2897| OpenVAS (Nessus) - http://www.openvas.org:
2898| [881289] CentOS Update for vsftpd CESA-2011:0337 centos5 x86_64
2899| [880533] CentOS Update for vsftpd CESA-2011:0337 centos5 i386
2900| [880479] CentOS Update for vsftpd CESA-2011:0337 centos4 i386
2901| [880293] CentOS Update for vsftpd CESA-2008:0579 centos3 i386
2902| [880025] CentOS Update for vsftpd CESA-2008:0579 centos3 x86_64
2903| [870407] RedHat Update for vsftpd RHSA-2011:0337-01
2904| [870152] RedHat Update for vsftpd RHSA-2008:0680-01
2905| [870114] RedHat Update for vsftpd RHSA-2008:0295-01
2906| [870032] RedHat Update for vsftpd RHSA-2008:0579-01
2907| [862926] Fedora Update for vsftpd FEDORA-2011-2615
2908| [862925] Fedora Update for vsftpd FEDORA-2011-2590
2909| [860821] Fedora Update for vsftpd FEDORA-2008-4347
2910| [860676] Fedora Update for vsftpd FEDORA-2008-4373
2911| [860005] Fedora Update for vsftpd FEDORA-2008-4362
2912| [840831] Ubuntu Update for vsftpd USN-1288-1
2913| [840623] Ubuntu Update for vsftpd vulnerability USN-1098-1
2914| [831351] Mandriva Update for vsftpd MDVSA-2011:049 (vsftpd)
2915| [103362] vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability
2916| [103185] vsftpd Compromised Source Packages Backdoor Vulnerability
2917| [103101] vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
2918| [71966] Slackware Advisory SSA:2012-041-05 vsftpd
2919| [70770] Gentoo Security Advisory GLSA 201110-07 (vsftpd)
2920| [70399] Debian Security Advisory DSA 2305-1 (vsftpd)
2921| [65857] SLES10: Security update for vsftpd
2922| [65225] SLES9: Security update for vsftpd
2923|
2924| SecurityTracker - https://www.securitytracker.com:
2925| [1025186] vsftpd vsf_filename_passes_filter() Bug Lets Remote Authenticated Users Deny Service
2926| [1020546] vsftpd Memory Leak When Invalid Authentication Attempts Occur Lets Remote Authenticated Users Deny Service
2927| [1020079] vsftpd Memory Leak in 'deny_file' Option Lets Remote Authenticated Users Deny Service
2928| [1008628] vsftpd Discloses Whether Usernames are Valid or Not
2929|
2930| OSVDB - http://www.osvdb.org:
2931| [73573] vsftpd on vsftpd.beasts.org Trojaned Distribution
2932| [73340] vsftpd ls.c vsf_filename_passes_filter STAT Command glob Expression Remote DoS
2933| [61362] Vsftpd Webmin Module Unspecified Issues
2934| [46930] Red Hat Linux vsftpd w/ PAM Memory Exhaustion Remote DoS
2935| [45626] vsftpd deny_file Option Crafted FTP Data Remote Memory Exhaustion DoS
2936| [36515] BlockHosts sshd/vsftpd hosts.allow Arbitrary Deny Entry Manipulation
2937| [28610] vsftpd SIGURG Handler Unspecified Issue
2938| [28609] vsftpd tunable_chroot_local_user Filesystem Root Access
2939| [6861] vsftpd Login Error Message Username Enumeration
2940| [6306] vsftpd Connection Handling DoS
2941| [4564] vsftpd on Red Hat Linux Restricted Access Failure
2942|_
294325/tcp closed smtp
294480/tcp open http nginx
2945| vulscan: VulDB - https://vuldb.com:
2946| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
2947| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
2948| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
2949| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
2950| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
2951| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
2952| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
2953| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
2954| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
2955| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
2956| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
2957| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
2958| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
2959| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
2960| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
2961| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
2962| [67677] nginx up to 1.7.3 SSL weak authentication
2963| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
2964| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
2965| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
2966| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
2967| [65364] nginx up to 1.1.13 Default Configuration information disclosure
2968| [8671] nginx up to 1.4 proxy_pass denial of service
2969| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
2970| [7247] nginx 1.2.6 Proxy Function spoofing
2971| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
2972| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
2973| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
2974| [59645] nginx up to 0.8.9 Heap-based memory corruption
2975| [53592] nginx 0.8.36 memory corruption
2976| [53590] nginx up to 0.8.9 unknown vulnerability
2977| [51533] nginx 0.7.64 Terminal privilege escalation
2978| [50905] nginx up to 0.8.9 directory traversal
2979| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
2980| [50043] nginx up to 0.8.10 memory corruption
2981|
2982| MITRE CVE - https://cve.mitre.org:
2983| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
2984| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
2985| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
2986| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
2987| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
2988| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
2989| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
2990| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
2991| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
2992| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
2993| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
2994| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
2995| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
2996|
2997| SecurityFocus - https://www.securityfocus.com/bid/:
2998| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2999| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
3000| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
3001| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
3002| [82230] nginx Multiple Denial of Service Vulnerabilities
3003| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
3004| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
3005| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
3006| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
3007| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
3008| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
3009| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
3010| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
3011| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
3012| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
3013| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
3014| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
3015| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
3016| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
3017| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
3018| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
3019| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
3020| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
3021| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
3022| [40420] nginx Directory Traversal Vulnerability
3023| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
3024| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
3025| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
3026| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
3027| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
3028|
3029| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3030| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
3031| [84172] nginx denial of service
3032| [84048] nginx buffer overflow
3033| [83923] nginx ngx_http_close_connection() integer overflow
3034| [83688] nginx null byte code execution
3035| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
3036| [82319] nginx access.log information disclosure
3037| [80952] nginx SSL spoofing
3038| [77244] nginx and Microsoft Windows request security bypass
3039| [76778] Naxsi module for Nginx nx_extract.py directory traversal
3040| [74831] nginx ngx_http_mp4_module.c buffer overflow
3041| [74191] nginx ngx_cpystrn() information disclosure
3042| [74045] nginx header response information disclosure
3043| [71355] nginx ngx_resolver_copy() buffer overflow
3044| [59370] nginx characters denial of service
3045| [59369] nginx DATA source code disclosure
3046| [59047] nginx space source code disclosure
3047| [58966] nginx unspecified directory traversal
3048| [54025] nginx ngx_http_parse.c denial of service
3049| [53431] nginx WebDAV component directory traversal
3050| [53328] Nginx CRC-32 cached domain name spoofing
3051| [53250] Nginx ngx_http_parse_complex_uri() function code execution
3052|
3053| Exploit-DB - https://www.exploit-db.com:
3054| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
3055| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
3056| [25499] nginx 1.3.9-1.4.0 DoS PoC
3057| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
3058| [14830] nginx 0.6.38 - Heap Corruption Exploit
3059| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
3060| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
3061| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
3062| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
3063| [9829] nginx 0.7.61 WebDAV directory traversal
3064|
3065| OpenVAS (Nessus) - http://www.openvas.org:
3066| [864418] Fedora Update for nginx FEDORA-2012-3846
3067| [864310] Fedora Update for nginx FEDORA-2012-6238
3068| [864209] Fedora Update for nginx FEDORA-2012-6411
3069| [864204] Fedora Update for nginx FEDORA-2012-6371
3070| [864121] Fedora Update for nginx FEDORA-2012-4006
3071| [864115] Fedora Update for nginx FEDORA-2012-3991
3072| [864065] Fedora Update for nginx FEDORA-2011-16075
3073| [863654] Fedora Update for nginx FEDORA-2011-16110
3074| [861232] Fedora Update for nginx FEDORA-2007-1158
3075| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
3076| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
3077| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
3078| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
3079| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
3080| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
3081| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
3082| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
3083| [100659] nginx Directory Traversal Vulnerability
3084| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
3085| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
3086| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
3087| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
3088| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
3089| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
3090| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
3091| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
3092| [71297] FreeBSD Ports: nginx
3093| [71276] FreeBSD Ports: nginx
3094| [71239] Debian Security Advisory DSA 2434-1 (nginx)
3095| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
3096| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
3097| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
3098| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
3099| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
3100| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
3101| [64894] FreeBSD Ports: nginx
3102| [64869] Debian Security Advisory DSA 1884-1 (nginx)
3103|
3104| SecurityTracker - https://www.securitytracker.com:
3105| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
3106| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
3107| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
3108| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
3109|
3110| OSVDB - http://www.osvdb.org:
3111| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
3112| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
3113| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
3114| [92796] nginx ngx_http_close_connection Function Crafted r->
3115| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
3116| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
3117| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
3118| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
3119| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
3120| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
3121| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
3122| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
3123| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
3124| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
3125| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
3126| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
3127| [62617] nginx Internal DNS Cache Poisoning Weakness
3128| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
3129| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
3130| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
3131| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
3132| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
3133| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
3134| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
3135| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
3136| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
3137| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
3138|_
3139139/tcp closed netbios-ssn
3140443/tcp closed https
3141445/tcp closed microsoft-ds
31423306/tcp open mysql MySQL 5.7.27-0ubuntu0.16.04.1
3143| vulscan: VulDB - https://vuldb.com:
3144| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
3145| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
3146| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
3147| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
3148| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
3149| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
3150| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
3151| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
3152| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
3153| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
3154| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
3155| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
3156| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
3157| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
3158| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
3159| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
3160| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
3161| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
3162| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
3163| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
3164| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
3165| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
3166| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
3167| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
3168| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
3169| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
3170| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
3171| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
3172| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
3173| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
3174| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
3175| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
3176| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
3177| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
3178| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
3179| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
3180| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
3181| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
3182| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
3183| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
3184| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
3185| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
3186| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
3187| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
3188| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
3189| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
3190| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
3191| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
3192| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
3193| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
3194| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
3195| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
3196| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
3197| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
3198| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
3199| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
3200|
3201| MITRE CVE - https://cve.mitre.org:
3202| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
3203| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
3204| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
3205| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
3206| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
3207| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
3208| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
3209| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
3210| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3211| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
3212| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
3213| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
3214| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3215| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3216| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
3217| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3218| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
3219| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
3220| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3221| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
3222| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3223| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
3224| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
3225| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
3226| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
3227| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
3228| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
3229| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
3230| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3231| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
3232| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
3233| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
3234| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3235| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
3236| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
3237| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
3238| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
3239| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
3240| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3241| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3242| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
3243| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
3244| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
3245| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3246| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
3247| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
3248| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
3249| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
3250| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
3251| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
3252| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3253| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
3254| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
3255| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
3256| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
3257| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
3258| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
3259| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
3260| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
3261| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
3262| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
3263| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
3264| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
3265| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3266| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
3267| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
3268| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
3269| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3270| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
3271| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
3272| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
3273| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
3274| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3275| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
3276| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
3277| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
3278| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
3279| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
3280| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
3281| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
3282| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3283| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
3284| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3285| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3286| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3287| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3288| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
3289| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
3290| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3291| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3292| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3293| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
3294| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
3295| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
3296| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3297| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
3298| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3299| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
3300| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
3301| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
3302| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
3303| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
3304| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
3305| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
3306| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
3307| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
3308| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3309| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3310| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3311| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3312| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
3313| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
3314| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
3315| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
3316| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
3317| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3318| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
3319| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
3320| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
3321| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
3322| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
3323| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
3324| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
3325| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
3326| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
3327| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
3328| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
3329| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
3330| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
3331| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
3332| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
3333| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
3334| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
3335| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
3336| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
3337| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
3338| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
3339| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
3340| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
3341| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
3342| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
3343| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
3344| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
3345| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
3346| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
3347| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
3348| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
3349| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
3350| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
3351| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
3352| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
3353| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
3354| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
3355| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
3356| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
3357| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
3358| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
3359| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
3360| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
3361| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
3362| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
3363| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
3364| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
3365| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
3366| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
3367| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
3368| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
3369| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
3370| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
3371| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
3372| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
3373| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
3374| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
3375| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
3376| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
3377| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
3378| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
3379| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
3380| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
3381| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
3382| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
3383| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
3384| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
3385| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
3386| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
3387| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
3388| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
3389| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
3390| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
3391| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
3392| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
3393| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
3394| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
3395| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
3396| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
3397| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
3398| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
3399| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
3400| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
3401| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
3402| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
3403| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
3404| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
3405| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
3406| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
3407| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
3408| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
3409|
3410| SecurityFocus - https://www.securityfocus.com/bid/:
3411| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
3412| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
3413| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
3414| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
3415| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
3416| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
3417| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
3418| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
3419| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
3420| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
3421| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
3422|
3423| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3424| [85724] Oracle MySQL Server XA Transactions denial of service
3425| [85723] Oracle MySQL Server Server Replication denial of service
3426| [85722] Oracle MySQL Server InnoDB denial of service
3427| [85721] Oracle MySQL Server Server Privileges unspecified
3428| [85720] Oracle MySQL Server Server Partition denial of service
3429| [85719] Oracle MySQL Server Server Parser denial of service
3430| [85718] Oracle MySQL Server Server Options denial of service
3431| [85717] Oracle MySQL Server Server Options denial of service
3432| [85716] Oracle MySQL Server Server Optimizer denial of service
3433| [85715] Oracle MySQL Server Server Optimizer denial of service
3434| [85714] Oracle MySQL Server Prepared Statements denial of service
3435| [85713] Oracle MySQL Server InnoDB denial of service
3436| [85712] Oracle MySQL Server Full Text Search denial of service
3437| [85711] Oracle MySQL Server Data Manipulation Language denial of service
3438| [85710] Oracle MySQL Server Data Manipulation Language denial of service
3439| [85709] Oracle MySQL Server Audit Log unspecified
3440| [85708] Oracle MySQL Server MemCached unspecified
3441| [84846] Debian mysql-server package information disclosure
3442| [84375] Wireshark MySQL dissector denial of service
3443| [83554] Oracle MySQL Server Server Partition denial of service
3444| [83553] Oracle MySQL Server Server Locking denial of service
3445| [83552] Oracle MySQL Server Server Install unspecified
3446| [83551] Oracle MySQL Server Server Types denial of service
3447| [83550] Oracle MySQL Server Server Privileges unspecified
3448| [83549] Oracle MySQL Server InnoDB denial of service
3449| [83548] Oracle MySQL Server InnoDB denial of service
3450| [83547] Oracle MySQL Server Data Manipulation Language denial of service
3451| [83546] Oracle MySQL Server Stored Procedure denial of service
3452| [83545] Oracle MySQL Server Server Replication denial of service
3453| [83544] Oracle MySQL Server Server Partition denial of service
3454| [83543] Oracle MySQL Server Server Optimizer denial of service
3455| [83542] Oracle MySQL Server InnoDB denial of service
3456| [83541] Oracle MySQL Server Information Schema denial of service
3457| [83540] Oracle MySQL Server Data Manipulation Language denial of service
3458| [83539] Oracle MySQL Server Data Manipulation Language denial of service
3459| [83538] Oracle MySQL Server Server Optimizer unspecified
3460| [83537] Oracle MySQL Server MemCached denial of service
3461| [83536] Oracle MySQL Server Server Privileges unspecified
3462| [83535] Oracle MySQL Server Server Privileges unspecified
3463| [83534] Oracle MySQL Server Server unspecified
3464| [83533] Oracle MySQL Server Information Schema unspecified
3465| [83532] Oracle MySQL Server Server Locking unspecified
3466| [83531] Oracle MySQL Server Data Manipulation Language denial of service
3467| [83388] MySQL administrative login attempt detected
3468| [82963] Mambo MySQL database information disclosure
3469| [82946] Oracle MySQL buffer overflow
3470| [82945] Oracle MySQL buffer overflow
3471| [82895] Oracle MySQL and MariaDB geometry queries denial of service
3472| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
3473| [81325] Oracle MySQL Server Server Privileges denial of service
3474| [81324] Oracle MySQL Server Server Partition denial of service
3475| [81323] Oracle MySQL Server Server Optimizer denial of service
3476| [81322] Oracle MySQL Server Server Optimizer denial of service
3477| [81321] Oracle MySQL Server Server denial of service
3478| [81320] Oracle MySQL Server MyISAM denial of service
3479| [81319] Oracle MySQL Server InnoDB denial of service
3480| [81318] Oracle MySQL Server InnoDB denial of service
3481| [81317] Oracle MySQL Server Server Locking denial of service
3482| [81316] Oracle MySQL Server Server denial of service
3483| [81315] Oracle MySQL Server Server Replication unspecified
3484| [81314] Oracle MySQL Server Server Replication unspecified
3485| [81313] Oracle MySQL Server Stored Procedure denial of service
3486| [81312] Oracle MySQL Server Server Optimizer denial of service
3487| [81311] Oracle MySQL Server Information Schema denial of service
3488| [81310] Oracle MySQL Server GIS Extension denial of service
3489| [80790] Oracle MySQL yaSSL buffer overflow
3490| [80553] Oracle MySQL and MariaDB salt security bypass
3491| [80443] Oracle MySQL Server unspecified code execution
3492| [80442] Oracle MySQL Server acl_get() buffer overflow
3493| [80440] Oracle MySQL Server table buffer overflow
3494| [80435] Oracle MySQL Server database privilege escalation
3495| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
3496| [80433] Oracle MySQL Server Stuxnet privilege escalation
3497| [80432] Oracle MySQL Server authentication information disclosure
3498| [79394] Oracle MySQL Server Server Installation information disclosure
3499| [79393] Oracle MySQL Server Server Replication denial of service
3500| [79392] Oracle MySQL Server Server Full Text Search denial of service
3501| [79391] Oracle MySQL Server Server denial of service
3502| [79390] Oracle MySQL Server Client information disclosure
3503| [79389] Oracle MySQL Server Server Optimizer denial of service
3504| [79388] Oracle MySQL Server Server Optimizer denial of service
3505| [79387] Oracle MySQL Server Server denial of service
3506| [79386] Oracle MySQL Server InnoDB Plugin denial of service
3507| [79385] Oracle MySQL Server InnoDB denial of service
3508| [79384] Oracle MySQL Server Client unspecified
3509| [79383] Oracle MySQL Server Server denial of service
3510| [79382] Oracle MySQL Server Protocol unspecified
3511| [79381] Oracle MySQL Server Information Schema unspecified
3512| [78954] SilverStripe MySQLDatabase.php information disclosure
3513| [78948] MySQL MyISAM table symlink
3514| [77865] MySQL unknown vuln
3515| [77864] MySQL sort order denial of service
3516| [77768] MySQLDumper refresh_dblist.php information disclosure
3517| [77177] MySQL Squid Access Report unspecified cross-site scripting
3518| [77065] Oracle MySQL Server Optimizer denial of service
3519| [77064] Oracle MySQL Server Optimizer denial of service
3520| [77063] Oracle MySQL Server denial of service
3521| [77062] Oracle MySQL InnoDB denial of service
3522| [77061] Oracle MySQL GIS Extension denial of service
3523| [77060] Oracle MySQL Server Optimizer denial of service
3524| [76189] MySQL unspecified error
3525| [76188] MySQL attempts security bypass
3526| [75287] MySQLDumper restore.php information disclosure
3527| [75286] MySQLDumper filemanagement.php directory traversal
3528| [75285] MySQLDumper main.php cross-site request forgery
3529| [75284] MySQLDumper install.php cross-site scripting
3530| [75283] MySQLDumper install.php file include
3531| [75282] MySQLDumper menu.php code execution
3532| [75022] Oracle MySQL Server Server Optimizer denial of service
3533| [75021] Oracle MySQL Server Server Optimizer denial of service
3534| [75020] Oracle MySQL Server Server DML denial of service
3535| [75019] Oracle MySQL Server Partition denial of service
3536| [75018] Oracle MySQL Server MyISAM denial of service
3537| [75017] Oracle MySQL Server Server Optimizer denial of service
3538| [74672] Oracle MySQL Server multiple unspecified
3539| [73092] MySQL unspecified code execution
3540| [72540] Oracle MySQL Server denial of service
3541| [72539] Oracle MySQL Server unspecified
3542| [72538] Oracle MySQL Server denial of service
3543| [72537] Oracle MySQL Server denial of service
3544| [72536] Oracle MySQL Server unspecified
3545| [72535] Oracle MySQL Server denial of service
3546| [72534] Oracle MySQL Server denial of service
3547| [72533] Oracle MySQL Server denial of service
3548| [72532] Oracle MySQL Server denial of service
3549| [72531] Oracle MySQL Server denial of service
3550| [72530] Oracle MySQL Server denial of service
3551| [72529] Oracle MySQL Server denial of service
3552| [72528] Oracle MySQL Server denial of service
3553| [72527] Oracle MySQL Server denial of service
3554| [72526] Oracle MySQL Server denial of service
3555| [72525] Oracle MySQL Server information disclosure
3556| [72524] Oracle MySQL Server denial of service
3557| [72523] Oracle MySQL Server denial of service
3558| [72522] Oracle MySQL Server denial of service
3559| [72521] Oracle MySQL Server denial of service
3560| [72520] Oracle MySQL Server denial of service
3561| [72519] Oracle MySQL Server denial of service
3562| [72518] Oracle MySQL Server unspecified
3563| [72517] Oracle MySQL Server unspecified
3564| [72516] Oracle MySQL Server unspecified
3565| [72515] Oracle MySQL Server denial of service
3566| [72514] Oracle MySQL Server unspecified
3567| [71965] MySQL port denial of service
3568| [70680] DBD::mysqlPP unspecified SQL injection
3569| [70370] TaskFreak! multi-mysql unspecified path disclosure
3570| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
3571| [68294] MySQLDriverCS statement.cs sql injection
3572| [68175] Prosody MySQL denial of service
3573| [67539] Zend Framework MySQL PDO security bypass
3574| [67254] DirectAdmin MySQL information disclosure
3575| [66567] Xoops mysql.sql information disclosure
3576| [65871] PyWebDAV MySQLAuthHandler class SQL injection
3577| [65543] MySQL Select Arbitrary data into a File
3578| [65529] MySQL Eventum full_name field cross-site scripting
3579| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
3580| [65379] Oracle MySQL Eventum list.php cross-site scripting
3581| [65266] Accellion File Transfer Appliance MySQL default password
3582| [64878] MySQL Geometry denial of service
3583| [64877] MySQL EXPLAIN EXTENDED denial of service
3584| [64876] MySQL prepared statement denial of service
3585| [64845] MySQL extreme-value denial of service
3586| [64844] MySQL Gis_line_string::init_from_wkb denial of service
3587| [64843] MySQL user-variable denial of service
3588| [64842] MySQL view preparation denial of service
3589| [64841] MySQL prepared statement denial of service
3590| [64840] MySQL LONGBLOB denial of service
3591| [64839] MySQL invocations denial of service
3592| [64838] MySQL Gis_line_string::init_from_wkb denial of service
3593| [64689] MySQL dict0crea.c denial of service
3594| [64688] MySQL SET column denial of service
3595| [64687] MySQL BINLOG command denial of service
3596| [64686] MySQL InnoDB denial of service
3597| [64685] MySQL HANDLER interface denial of service
3598| [64684] MySQL Item_singlerow_subselect::store denial of service
3599| [64683] MySQL OK packet denial of service
3600| [63518] MySQL Query Browser GUI Tools information disclosure
3601| [63517] MySQL Administrator GUI Tools information disclosure
3602| [62272] MySQL PolyFromWKB() denial of service
3603| [62269] MySQL LIKE predicates denial of service
3604| [62268] MySQL joins denial of service
3605| [62267] MySQL GREATEST() or LEAST() denial of service
3606| [62266] MySQL GROUP_CONCAT() denial of service
3607| [62265] MySQL expression values denial of service
3608| [62264] MySQL temporary table denial of service
3609| [62263] MySQL LEAST() or GREATEST() denial of service
3610| [62262] MySQL replication privilege escalation
3611| [61739] MySQL WITH ROLLUP denial of service
3612| [61343] MySQL LOAD DATA INFILE denial of service
3613| [61342] MySQL EXPLAIN denial of service
3614| [61341] MySQL HANDLER denial of service
3615| [61340] MySQL BINLOG denial of service
3616| [61339] MySQL IN() or CASE denial of service
3617| [61338] MySQL SET denial of service
3618| [61337] MySQL DDL denial of service
3619| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
3620| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
3621| [61316] PHP php_mysqlnd_auth_write buffer overflow
3622| [61274] MySQL TEMPORARY InnoDB denial of service
3623| [59905] MySQL ALTER DATABASE denial of service
3624| [59841] CMySQLite updateUser.php cross-site request forgery
3625| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
3626| [59075] PHP php_mysqlnd_auth_write() buffer overflow
3627| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
3628| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
3629| [59072] PHP php_mysqlnd_ok_read() information disclosure
3630| [58842] MySQL DROP TABLE file deletion
3631| [58676] Template Shares MySQL information disclosure
3632| [58531] MySQL COM_FIELD_LIST buffer overflow
3633| [58530] MySQL packet denial of service
3634| [58529] MySQL COM_FIELD_LIST security bypass
3635| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
3636| [57925] MySQL UNINSTALL PLUGIN security bypass
3637| [57006] Quicksilver Forums mysqldump information disclosure
3638| [56800] Employee Timeclock Software mysqldump information disclosure
3639| [56200] Flex MySQL Connector ActionScript SQL injection
3640| [55877] MySQL yaSSL buffer overflow
3641| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
3642| [55416] MySQL unspecified buffer overflow
3643| [55382] Ublog UblogMySQL.sql information disclosure
3644| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
3645| [54597] MySQL sql_table.cc security bypass
3646| [54596] MySQL mysqld denial of service
3647| [54365] MySQL OpenSSL security bypass
3648| [54364] MySQL MyISAM table symlink
3649| [53950] The mysql-ocaml mysql_real_escape_string weak security
3650| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
3651| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
3652| [52660] iScouter PHP Web Portal MySQL Password Retrieval
3653| [52220] aa33code mysql.inc information disclosure
3654| [52122] MySQL Connector/J unicode SQL injection
3655| [51614] MySQL dispatch_command() denial of service
3656| [51406] MySQL Connector/NET SSL spoofing
3657| [49202] MySQL UDF command execution
3658| [49050] MySQL XPath denial of service
3659| [48919] Cisco Application Networking Manager MySQL default account password
3660| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
3661| [47544] MySQL Calendar index.php SQL injection
3662| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
3663| [45649] MySQL MyISAM symlink security bypass
3664| [45648] MySQL MyISAM symlinks security bypass
3665| [45607] MySQL Quick Admin actions.php file include
3666| [45606] MySQL Quick Admin index.php file include
3667| [45590] MySQL command-line client cross-site scripting
3668| [45436] PromoteWeb MySQL go.php SQL injection
3669| [45042] MySQL empty bit-string literal denial of service
3670| [44662] mysql-lists unspecified cross-site scripting
3671| [42267] MySQL MyISAM security bypass
3672| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
3673| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
3674| [40920] MySQL sql_select.cc denial of service
3675| [40734] MySQL Server BINLOG privilege escalation
3676| [40350] MySQL password information disclosure
3677| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
3678| [39402] PHP LOCAL INFILE and MySQL extension security bypass
3679| [38999] aurora framework db_mysql.lib SQL injection
3680| [38990] MySQL federated engine denial of service
3681| [38989] MySQL DEFINER value privilege escalation
3682| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
3683| [38964] MySQL RENAME TABLE symlink
3684| [38733] ManageEngine EventLog Analyzer MySQL default password
3685| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
3686| [38189] MySQL default root password
3687| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
3688| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
3689| [36555] PHP MySQL extension multiple functions security bypass
3690| [35960] MySQL view privilege escalation
3691| [35959] MySQL CREATE TABLE LIKE information disclosure
3692| [35958] MySQL connection protocol denial of service
3693| [35291] MySQLDumper main.php security bypass
3694| [34811] MySQL udf_init and mysql_create_function command execution
3695| [34809] MySQL mysql_update privilege escalation
3696| [34349] MySQL ALTER information disclosure
3697| [34348] MySQL mysql_change_db privilege escalation
3698| [34347] MySQL RENAME TABLE weak security
3699| [34232] MySQL IF clause denial of service
3700| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
3701| [33285] Eve-Nuke mysql.php file include
3702| [32957] MySQL Commander dbopen.php file include
3703| [32933] cPanel load_language.php and mysqlconfig.php file include
3704| [32911] MySQL filesort function denial of service
3705| [32462] cPanel passwdmysql cross-site scripting
3706| [32288] RHSA-2006:0544 updates for mysql not installed
3707| [32266] MySQLNewsEngine affichearticles.php3 file include
3708| [31244] The Address Book MySQL export.php password information disclosure
3709| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
3710| [30760] BTSaveMySql URL file disclosure
3711| [30191] StoryStream mysql.php and mysqli.php file include
3712| [30085] MySQL MS-DOS device name denial of service
3713| [30031] Agora MysqlfinderAdmin.php file include
3714| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
3715| [29179] paBugs class.mysql.php file include
3716| [29120] ZoomStats MySQL file include
3717| [28448] MySQL case sensitive database name privilege escalation
3718| [28442] MySQL GRANT EXECUTE privilege escalation
3719| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
3720| [28202] MySQL multiupdate subselect query denial of service
3721| [28180] MySQL MERGE table security bypass
3722| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
3723| [27995] Opsware Network Automation System MySQL plaintext password
3724| [27904] MySQL date_format() format string
3725| [27635] MySQL Instance Manager denial of service
3726| [27212] MySQL SELECT str_to_date denial of service
3727| [26875] MySQL ASCII escaping SQL injection
3728| [26420] Apple Mac OS X MySQL Manager blank password
3729| [26236] MySQL login packet information disclosure
3730| [26232] MySQL COM_TABLE_DUMP buffer overflow
3731| [26228] MySQL sql_parce.cc information disclosure
3732| [26042] MySQL running
3733| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
3734| [24966] MySQL mysql_real_query logging bypass
3735| [24653] PAM-MySQL logging function denial of service
3736| [24652] PAM-MySQL authentication double free code execution
3737| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
3738| [24095] PHP ext/mysqli exception handling format string
3739| [23990] PHP mysql_connect() buffer overflow
3740| [23596] MySQL Auction search module could allow cross-site scripting
3741| [22642] RHSA-2005:334 updates for mysql not installed
3742| [21757] MySQL UDF library functions command execution
3743| [21756] MySQL LoadLibraryEx function denial of service
3744| [21738] MySQL UDF mysql_create_function function directory traversal
3745| [21737] MySQL user defined function buffer overflow
3746| [21640] MySQL Eventum multiple class SQL injection
3747| [21638] MySQL Eventum multiple scripts cross-site scripting
3748| [20984] xmysqladmin temporary file symlink
3749| [20656] MySQL mysql_install_db script symlink
3750| [20333] Plans MySQL password information disclosure
3751| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
3752| [19658] MySQL udf_init function gain access
3753| [19576] auraCMS mysql_fetch_row function path disclosure
3754| [18922] MySQL mysqlaccess script symlink attack
3755| [18824] MySQL UDF root privileges
3756| [18464] mysql_auth unspecified vulnerability
3757| [18449] Sugar Sales plaintext MySQL password
3758| [17783] MySQL underscore allows elevated privileges
3759| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
3760| [17667] MySQL UNION change denial of service
3761| [17666] MySQL ALTER TABLE RENAME bypass restriction
3762| [17493] MySQL libmysqlclient bulk inserts buffer overflow
3763| [17462] MySQLGuest AWSguest.php script cross-site scripting
3764| [17047] MySQL mysql_real_connect buffer overflow
3765| [17030] MySQL mysqlhotcopy insecure temporary file
3766| [16612] MySQL my_rnd buffer overflow
3767| [16604] MySQL check_scramble_323 function allows unauthorized access
3768| [15883] MySQL mysqld_multi script symlink attack
3769| [15617] MySQL mysqlbug script symlink attack
3770| [15417] Confixx db_mysql_loeschen2.php SQL injection
3771| [15280] Proofpoint Protection Server MySQL allows unauthorized access
3772| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
3773| [13153] MySQL long password buffer overflow
3774| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
3775| [12540] Teapop PostSQL and MySQL modules SQL injection
3776| [12337] MySQL mysql_real_connect function buffer overflow
3777| [11510] MySQL datadir/my.cnf modification could allow root privileges
3778| [11493] mysqlcc configuration and connection files are world writable
3779| [11340] SuckBot mod_mysql_logger denial of service
3780| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
3781| [10850] MySQL libmysql client read_one_row buffer overflow
3782| [10849] MySQL libmysql client read_rows buffer overflow
3783| [10848] MySQL COM_CHANGE_USER password buffer overflow
3784| [10847] MySQL COM_CHANGE_USER command password authentication bypass
3785| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
3786| [10483] Bugzilla stores passwords in plain text in the MySQL database
3787| [10455] gBook MySQL could allow administrative access
3788| [10243] MySQL my.ini "
3789| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
3790| [9909] MySQL logging disabled by default on Windows
3791| [9908] MySQL binding to the loopback adapter is disabled
3792| [9902] MySQL default root password could allow unauthorized access
3793| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
3794| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
3795| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
3796| [7206] WinMySQLadmin stores MySQL password in plain text
3797| [6617] MySQL "
3798| [6419] MySQL drop database command buffer overflow
3799| [6418] MySQL libmysqlclient.so buffer overflow
3800| [5969] MySQL select buffer overflow
3801| [5447] pam_mysql authentication input
3802| [5409] MySQL authentication algorithm obtain password hash
3803| [5057] PCCS MySQL Database Admin Tool could reveal username and password
3804| [4228] MySQL unauthenticated remote access
3805| [3849] MySQL default test account could allow any user to connect to the database
3806| [1568] MySQL creates readable log files
3807|
3808| Exploit-DB - https://www.exploit-db.com:
3809| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
3810| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
3811| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
3812| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
3813| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
3814| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
3815| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
3816| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
3817| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
3818| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
3819| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
3820| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
3821| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
3822|
3823| OpenVAS (Nessus) - http://www.openvas.org:
3824| [53251] Debian Security Advisory DSA 562-1 (mysql)
3825| [53230] Debian Security Advisory DSA 540-1 (mysql)
3826|
3827| SecurityTracker - https://www.securitytracker.com:
3828| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
3829| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
3830| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
3831| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
3832| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
3833| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
3834| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
3835| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
3836| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
3837| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
3838| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
3839| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
3840| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
3841| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
3842| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
3843| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
3844| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
3845| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
3846| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
3847| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
3848| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
3849| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
3850| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
3851| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
3852| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
3853| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
3854| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
3855| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
3856| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
3857| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
3858| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
3859| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
3860| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
3861| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
3862| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
3863| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
3864| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
3865| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
3866| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
3867| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
3868| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
3869| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
3870| [1016790] MySQL Replication Error Lets Local Users Deny Service
3871| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
3872| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
3873| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
3874| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
3875| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
3876| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
3877| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
3878| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
3879| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
3880| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
3881| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
3882| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
3883| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
3884| [1014172] xMySQLadmin Lets Local Users Delete Files
3885| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
3886| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
3887| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
3888| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
3889| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
3890| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
3891| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
3892| [1012500] mysql_auth Memory Leak Has Unspecified Impact
3893| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
3894| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
3895| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
3896| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
3897| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
3898| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
3899| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
3900| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
3901| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
3902| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
3903| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
3904| [1007518] DWebPro Discloses MySQL Database Password to Local Users
3905| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
3906| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
3907| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
3908| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
3909| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
3910| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
3911| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
3912| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
3913| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
3914| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
3915| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
3916| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
3917| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
3918|
3919| OSVDB - http://www.osvdb.org:
3920| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
3921| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
3922| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
3923| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
3924| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
3925| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
3926| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
3927| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
3928| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
3929| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
3930| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
3931| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
3932| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
3933| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
3934| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
3935| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
3936| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
3937| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
3938| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
3939| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
3940| [93174] MySQL Crafted Derived Table Handling DoS
3941| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
3942| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
3943| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
3944| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
3945| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
3946| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
3947| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
3948| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
3949| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
3950| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
3951| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
3952| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
3953| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
3954| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
3955| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
3956| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
3957| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
3958| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
3959| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
3960| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
3961| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
3962| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
3963| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
3964| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
3965| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
3966| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
3967| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
3968| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
3969| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
3970| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
3971| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
3972| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
3973| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
3974| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
3975| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
3976| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
3977| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
3978| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
3979| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
3980| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
3981| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
3982| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
3983| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
3984| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
3985| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
3986| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
3987| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
3988| [89042] ViciBox Server MySQL cron Service Default Credentials
3989| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
3990| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
3991| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
3992| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
3993| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
3994| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
3995| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
3996| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
3997| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
3998| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
3999| [87480] MySQL Malformed XML Comment Handling DoS
4000| [87466] MySQL SSL Certificate Revocation Weakness
4001| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
4002| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
4003| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
4004| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
4005| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
4006| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
4007| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
4008| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
4009| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
4010| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
4011| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
4012| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
4013| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
4014| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
4015| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
4016| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
4017| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
4018| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
4019| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
4020| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
4021| [84719] MySQLDumper index.php page Parameter XSS
4022| [84680] MySQL Squid Access Report access.log File Path XSS
4023| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
4024| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
4025| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
4026| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
4027| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
4028| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
4029| [83661] Oracle MySQL Unspecified Issue (59533)
4030| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
4031| [82803] Oracle MySQL Unspecified Issue (59387)
4032| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
4033| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
4034| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
4035| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
4036| [81614] MySQLDumper File Upload PHP Code Execution
4037| [81613] MySQLDumper main.php Multiple Function CSRF
4038| [81612] MySQLDumper restore.php filename Parameter XSS
4039| [81611] MySQLDumper sql.php Multiple Parameter XSS
4040| [81610] MySQLDumper install.php Multiple Parameter XSS
4041| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
4042| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
4043| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
4044| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
4045| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
4046| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
4047| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
4048| [81059] Oracle MySQL Server Multiple Unspecified Issues
4049| [79038] Webmin Process Listing MySQL Password Local Disclosure
4050| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
4051| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
4052| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
4053| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
4054| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
4055| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
4056| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
4057| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
4058| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
4059| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
4060| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
4061| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
4062| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
4063| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
4064| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
4065| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
4066| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
4067| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
4068| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
4069| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
4070| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
4071| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
4072| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
4073| [78375] Oracle MySQL Server Unspecified Local DoS
4074| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
4075| [78373] Oracle MySQL Server Unspecified Local Issue
4076| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
4077| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
4078| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
4079| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
4080| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
4081| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
4082| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
4083| [77040] DBD::mysqlPP Unspecified SQL Injection
4084| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
4085| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
4086| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
4087| [73387] Zend Framework PDO_MySql Character Set Security Bypass
4088| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
4089| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
4090| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
4091| [71368] Accellion File Transfer Appliance Weak MySQL root Password
4092| [70967] MySQL Eventum Admin User Creation CSRF
4093| [70966] MySQL Eventum preferences.php full_name Parameter XSS
4094| [70961] MySQL Eventum list.php Multiple Parameter XSS
4095| [70960] MySQL Eventum forgot_password.php URI XSS
4096| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
4097| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
4098| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
4099| [69395] MySQL Derived Table Grouping DoS
4100| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
4101| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
4102| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
4103| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
4104| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
4105| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
4106| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
4107| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
4108| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
4109| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
4110| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
4111| [68996] MySQL EXPLAIN EXTENDED Statement DoS
4112| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
4113| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
4114| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
4115| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
4116| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
4117| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
4118| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
4119| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
4120| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
4121| [67381] MySQL InnoDB Temporary Table Handling DoS
4122| [67380] MySQL BINLOG Statement Unspecified Argument DoS
4123| [67379] MySQL Multiple Operation NULL Argument Handling DoS
4124| [67378] MySQL Unique SET Column Join Statement Remote DoS
4125| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
4126| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
4127| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
4128| [66731] PHP Bundled MySQL Library Unspecified Issue
4129| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
4130| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
4131| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
4132| [65085] MySQL Enterprise Monitor Unspecified CSRF
4133| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
4134| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
4135| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
4136| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
4137| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
4138| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
4139| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
4140| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
4141| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
4142| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
4143| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
4144| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
4145| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
4146| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
4147| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
4148| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
4149| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
4150| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
4151| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
4152| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
4153| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
4154| [59907] MySQL on Windows bind-address Remote Connection Weakness
4155| [59906] MySQL on Windows Default Configuration Logging Weakness
4156| [59616] MySQL Hashed Password Weakness
4157| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
4158| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
4159| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
4160| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
4161| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
4162| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
4163| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
4164| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
4165| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
4166| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
4167| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
4168| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
4169| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
4170| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
4171| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
4172| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
4173| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
4174| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
4175| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
4176| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
4177| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
4178| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
4179| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
4180| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
4181| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
4182| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
4183| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
4184| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
4185| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
4186| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
4187| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
4188| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
4189| [52464] MySQL charset Column Truncation Weakness
4190| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
4191| [52378] Cisco ANM MySQL root Account Default Password
4192| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
4193| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
4194| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
4195| [50892] MySQL Calendar index.php username Parameter SQL Injection
4196| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
4197| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
4198| [48710] MySQL Command Line Client HTML Output XSS
4199| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
4200| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
4201| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
4202| [47789] mysql-lists Unspecified XSS
4203| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
4204| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
4205| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
4206| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
4207| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
4208| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
4209| [43179] MySQL Server BINLOG Statement Rights Checking Failure
4210| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
4211| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
4212| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
4213| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
4214| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
4215| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
4216| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
4217| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
4218| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
4219| [39279] PHP mysql_error() Function XSS
4220| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
4221| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
4222| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
4223| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
4224| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
4225| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
4226| [37782] MySQL Community Server External Table View Privilege Escalation
4227| [37781] MySQL ALTER TABLE Information Disclosure
4228| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
4229| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
4230| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
4231| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
4232| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
4233| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
4234| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
4235| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
4236| [36251] Associated Press (AP) Newspower Default MySQL root Password
4237| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
4238| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
4239| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
4240| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
4241| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
4242| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
4243| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
4244| [33974] MySQL information_schema Table Subselect Single-Row DoS
4245| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
4246| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
4247| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
4248| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
4249| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
4250| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
4251| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
4252| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
4253| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
4254| [32056] BTSaveMySql Direct Request Config File Disclosure
4255| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
4256| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
4257| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
4258| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
4259| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
4260| [29696] MySQLDumper sql.php db Parameter XSS
4261| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
4262| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
4263| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
4264| [28288] MySQL Instance_options::complete_initialization Function Overflow
4265| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
4266| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
4267| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
4268| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
4269| [28012] MySQL Case Sensitivity Unauthorized Database Creation
4270| [27919] MySQL VIEW Access information_schema.views Information Disclosure
4271| [27703] MySQL MERGE Table Privilege Persistence
4272| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
4273| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
4274| [27416] MySQL Server time.cc date_format Function Format String
4275| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
4276| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
4277| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
4278| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
4279| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
4280| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
4281| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
4282| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
4283| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
4284| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
4285| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
4286| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
4287| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
4288| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
4289| [25595] Apple Mac OS X MySQL Manager Blank root Password
4290| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
4291| [25227] MySQL COM_TABLE_DUMP Packet Overflow
4292| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
4293| [24245] Cholod Mysql Based Message Board Unspecified XSS
4294| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
4295| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
4296| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
4297| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
4298| [23526] MySQL Query NULL Charcter Logging Bypass
4299| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
4300| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
4301| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
4302| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
4303| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
4304| [22479] PHP mysqli Extension Error Message Format String
4305| [22232] PHP Pipe Variable mysql_connect() Function Overflow
4306| [21685] MySQL Auction Search Module keyword XSS
4307| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
4308| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
4309| [19457] aMember Pro mysql.inc.php Remote File Inclusion
4310| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
4311| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
4312| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
4313| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
4314| [18896] MySQL User-Defined Function init_syms() Function Overflow
4315| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
4316| [18894] MySQL drop database Request Remote Overflow
4317| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
4318| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
4319| [18406] MySQL Eventum releases.php SQL Injection
4320| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
4321| [18404] MySQL Eventum custom_fields.php SQL Injection
4322| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
4323| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
4324| [18401] MySQL Eventum list.php release Parameter XSS
4325| [18400] MySQL Eventum view.php id Parameter XSS
4326| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
4327| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
4328| [17223] xMySQLadmin Symlink Arbitrary File Deletion
4329| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
4330| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
4331| [16056] Plans Unspecified mySQL Remote Password Disclosure
4332| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
4333| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
4334| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
4335| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
4336| [14748] MySQL MS-DOS Device Names Request DoS
4337| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
4338| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
4339| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
4340| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
4341| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
4342| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
4343| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
4344| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
4345| [12919] MySQL MaxDB WebAgent websql Remote Overflow
4346| [12779] MySQL User Defined Function Privilege Escalation
4347| [12609] MySQL Eventum projects.php Multiple Parameter XSS
4348| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
4349| [12607] MySQL Eventum forgot_password.php email Parameter XSS
4350| [12606] MySQL Eventum index.php email Parameter XSS
4351| [12605] MySQL Eventum Default Vendor Account
4352| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
4353| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
4354| [11689] Roxen Web Server MySQL Socket Permission Weakness
4355| [10985] MySQL MATCH..AGAINST Query DoS
4356| [10959] MySQL GRANT ALL ON Privilege Escalation
4357| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
4358| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
4359| [10658] MySQL mysql_real_connect() Function Remote Overflow
4360| [10532] MySQL MaxDB webdbm Server Field DoS
4361| [10491] AWS MySQLguest AWSguest.php Script Insertion
4362| [10244] MySQL libmysqlclient Prepared Statements API Overflow
4363| [10226] MySQLGuest AWSguest.php Multiple Field XSS
4364| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
4365| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
4366| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
4367| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
4368| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
4369| [9907] MySQL SELECT Statement String Handling Overflow
4370| [9906] MySQL GRANT Privilege Arbitrary Password Modification
4371| [9509] teapop MySQL Authentication Module SQL Injection
4372| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
4373| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
4374| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
4375| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
4376| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
4377| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
4378| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
4379| [8886] MySQL libmysqlclient Library read_one_row Overflow
4380| [8885] MySQL libmysqlclient Library read_rows Overflow
4381| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
4382| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
4383| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
4384| [7128] MySQL show database Database Name Exposure
4385| [6716] MySQL Database Engine Weak Authentication Information Disclosure
4386| [6605] MySQL mysqld Readable Log File Information Disclosure
4387| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
4388| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
4389| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
4390| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
4391| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
4392| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
4393| [520] MySQL Database Name Traversal Arbitrary File Modification
4394| [380] MySQL Server on Windows Default Null Root Password
4395| [261] MySQL Short Check String Authentication Bypass
4396|_
43975432/tcp closed postgresql
43988083/tcp open http nginx
4399| vulscan: VulDB - https://vuldb.com:
4400| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
4401| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
4402| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
4403| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
4404| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
4405| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
4406| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
4407| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
4408| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
4409| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
4410| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
4411| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
4412| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
4413| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
4414| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
4415| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
4416| [67677] nginx up to 1.7.3 SSL weak authentication
4417| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
4418| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
4419| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
4420| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
4421| [65364] nginx up to 1.1.13 Default Configuration information disclosure
4422| [8671] nginx up to 1.4 proxy_pass denial of service
4423| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
4424| [7247] nginx 1.2.6 Proxy Function spoofing
4425| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
4426| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
4427| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
4428| [59645] nginx up to 0.8.9 Heap-based memory corruption
4429| [53592] nginx 0.8.36 memory corruption
4430| [53590] nginx up to 0.8.9 unknown vulnerability
4431| [51533] nginx 0.7.64 Terminal privilege escalation
4432| [50905] nginx up to 0.8.9 directory traversal
4433| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
4434| [50043] nginx up to 0.8.10 memory corruption
4435|
4436| MITRE CVE - https://cve.mitre.org:
4437| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
4438| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
4439| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
4440| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
4441| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
4442| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
4443| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
4444| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
4445| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
4446| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
4447| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
4448| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
4449| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
4450|
4451| SecurityFocus - https://www.securityfocus.com/bid/:
4452| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
4453| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
4454| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
4455| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
4456| [82230] nginx Multiple Denial of Service Vulnerabilities
4457| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
4458| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
4459| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
4460| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
4461| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
4462| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
4463| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
4464| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
4465| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
4466| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
4467| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
4468| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
4469| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
4470| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
4471| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
4472| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
4473| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
4474| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
4475| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
4476| [40420] nginx Directory Traversal Vulnerability
4477| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
4478| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
4479| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
4480| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
4481| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
4482|
4483| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4484| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
4485| [84172] nginx denial of service
4486| [84048] nginx buffer overflow
4487| [83923] nginx ngx_http_close_connection() integer overflow
4488| [83688] nginx null byte code execution
4489| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
4490| [82319] nginx access.log information disclosure
4491| [80952] nginx SSL spoofing
4492| [77244] nginx and Microsoft Windows request security bypass
4493| [76778] Naxsi module for Nginx nx_extract.py directory traversal
4494| [74831] nginx ngx_http_mp4_module.c buffer overflow
4495| [74191] nginx ngx_cpystrn() information disclosure
4496| [74045] nginx header response information disclosure
4497| [71355] nginx ngx_resolver_copy() buffer overflow
4498| [59370] nginx characters denial of service
4499| [59369] nginx DATA source code disclosure
4500| [59047] nginx space source code disclosure
4501| [58966] nginx unspecified directory traversal
4502| [54025] nginx ngx_http_parse.c denial of service
4503| [53431] nginx WebDAV component directory traversal
4504| [53328] Nginx CRC-32 cached domain name spoofing
4505| [53250] Nginx ngx_http_parse_complex_uri() function code execution
4506|
4507| Exploit-DB - https://www.exploit-db.com:
4508| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
4509| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
4510| [25499] nginx 1.3.9-1.4.0 DoS PoC
4511| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
4512| [14830] nginx 0.6.38 - Heap Corruption Exploit
4513| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
4514| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
4515| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
4516| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
4517| [9829] nginx 0.7.61 WebDAV directory traversal
4518|
4519| OpenVAS (Nessus) - http://www.openvas.org:
4520| [864418] Fedora Update for nginx FEDORA-2012-3846
4521| [864310] Fedora Update for nginx FEDORA-2012-6238
4522| [864209] Fedora Update for nginx FEDORA-2012-6411
4523| [864204] Fedora Update for nginx FEDORA-2012-6371
4524| [864121] Fedora Update for nginx FEDORA-2012-4006
4525| [864115] Fedora Update for nginx FEDORA-2012-3991
4526| [864065] Fedora Update for nginx FEDORA-2011-16075
4527| [863654] Fedora Update for nginx FEDORA-2011-16110
4528| [861232] Fedora Update for nginx FEDORA-2007-1158
4529| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
4530| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
4531| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
4532| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
4533| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
4534| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
4535| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
4536| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
4537| [100659] nginx Directory Traversal Vulnerability
4538| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
4539| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
4540| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
4541| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
4542| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
4543| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
4544| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
4545| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
4546| [71297] FreeBSD Ports: nginx
4547| [71276] FreeBSD Ports: nginx
4548| [71239] Debian Security Advisory DSA 2434-1 (nginx)
4549| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
4550| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
4551| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
4552| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
4553| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
4554| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
4555| [64894] FreeBSD Ports: nginx
4556| [64869] Debian Security Advisory DSA 1884-1 (nginx)
4557|
4558| SecurityTracker - https://www.securitytracker.com:
4559| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
4560| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
4561| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
4562| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
4563|
4564| OSVDB - http://www.osvdb.org:
4565| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
4566| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
4567| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
4568| [92796] nginx ngx_http_close_connection Function Crafted r->
4569| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
4570| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
4571| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
4572| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
4573| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
4574| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
4575| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
4576| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
4577| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
4578| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
4579| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
4580| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
4581| [62617] nginx Internal DNS Cache Poisoning Weakness
4582| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
4583| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
4584| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
4585| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
4586| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
4587| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
4588| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
4589| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
4590| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
4591| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
4592|_
459312000/tcp closed cce4x
4594Service Info: OS: Unix
4595######################################################################################################################################
4596Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:15 EST
4597Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4598Host is up (0.065s latency).
4599Not shown: 15 filtered ports, 1 closed port
4600Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
4601PORT STATE SERVICE VERSION
460253/udp open|filtered domain
460367/udp open|filtered dhcps
460468/udp open|filtered dhcpc
460569/udp open|filtered tftp
460688/udp open|filtered kerberos-sec
4607123/udp open|filtered ntp
4608139/udp open|filtered netbios-ssn
4609161/udp open|filtered snmp
4610162/udp open|filtered snmptrap
4611389/udp open|filtered ldap
4612520/udp open|filtered route
46132049/udp open|filtered nfs
4614Too many fingerprints match this host to give specific OS details
4615
4616TRACEROUTE (using port 138/udp)
4617HOP RTT ADDRESS
46181 89.03 ms 10.245.204.1
46192 ...
46203 62.48 ms 10.245.204.1
46214 ...
46225 58.62 ms 10.245.204.1
46236 58.62 ms 10.245.204.1
46247 58.61 ms 10.245.204.1
46258 58.61 ms 10.245.204.1
46269 58.60 ms 10.245.204.1
462710 58.61 ms 10.245.204.1
462811 ... 18
462919 66.92 ms 10.245.204.1
463020 54.24 ms 10.245.204.1
463121 ... 27
463228 29.16 ms 10.245.204.1
463329 ...
463430 65.38 ms 10.245.204.1
4635######################################################################################################################################
4636Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:20 EST
4637Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4638Host is up.
4639
4640PORT STATE SERVICE VERSION
464167/tcp filtered dhcps
464267/udp open|filtered dhcps
4643|_dhcp-discover: ERROR: Script execution failed (use -d to debug)
4644Too many fingerprints match this host to give specific OS details
4645
4646TRACEROUTE (using proto 1/icmp)
4647HOP RTT ADDRESS
46481 67.60 ms 10.245.204.1
46492 97.55 ms R43.static.amanah.com (104.245.144.129)
46503 97.61 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
46514 97.62 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
46525 97.60 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
46536 97.64 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
46547 161.68 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
46558 161.72 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149)
46569 161.71 ms a100-row.demarc.cogentco.com (149.14.196.218)
465710 161.77 ms 52.95.61.46
465811 150.85 ms 52.95.61.53
465912 ...
466013 180.20 ms 54.239.41.122
466114 ...
466215 180.19 ms 52.93.6.150
466316 180.12 ms 52.93.101.27
466417 179.37 ms 52.93.101.58
466518 179.32 ms 52.93.7.143
466619 ... 30
4667######################################################################################################################################
4668Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:22 EST
4669Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4670Host is up.
4671
4672PORT STATE SERVICE VERSION
467368/tcp filtered dhcpc
467468/udp open|filtered dhcpc
4675Too many fingerprints match this host to give specific OS details
4676
4677TRACEROUTE (using proto 1/icmp)
4678HOP RTT ADDRESS
46791 104.55 ms 10.245.204.1
46802 104.58 ms R43.static.amanah.com (104.245.144.129)
46813 104.60 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
46824 104.61 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
46835 104.61 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
46846 104.64 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
46857 134.29 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
46868 134.33 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149)
46879 134.33 ms a100-row.demarc.cogentco.com (149.14.196.218)
468810 134.40 ms 52.95.61.46
468911 149.40 ms 52.95.61.53
469012 ...
469113 179.34 ms 176.32.106.225
469214 ...
469315 179.37 ms 52.93.6.234
469416 179.38 ms 52.93.101.41
469517 218.85 ms 52.93.101.40
469618 218.87 ms 52.93.7.139
469719 ... 30
4698######################################################################################################################################
4699Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:24 EST
4700Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4701Host is up.
4702
4703PORT STATE SERVICE VERSION
470469/tcp filtered tftp
470569/udp open|filtered tftp
4706Too many fingerprints match this host to give specific OS details
4707
4708TRACEROUTE (using proto 1/icmp)
4709HOP RTT ADDRESS
47101 58.67 ms 10.245.204.1
47112 88.39 ms R43.static.amanah.com (104.245.144.129)
47123 88.43 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
47134 88.45 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
47145 88.47 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
47156 88.49 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
47167 136.04 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
47178 194.38 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149)
47189 194.35 ms a100-row.demarc.cogentco.com (149.14.196.218)
471910 194.44 ms 52.95.61.46
472011 133.64 ms 52.95.61.53
472112 ...
472213 195.55 ms 176.32.106.225
472314 ...
472415 195.57 ms 52.93.6.234
472516 165.04 ms 52.93.101.41
472617 174.39 ms 52.93.101.40
472718 143.57 ms 52.93.7.139
472819 ... 30
4729######################################################################################################################################
4730Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:26 EST
4731Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4732Host is up.
4733
4734PORT STATE SERVICE VERSION
4735123/tcp filtered ntp
4736123/udp open|filtered ntp
4737Too many fingerprints match this host to give specific OS details
4738
4739TRACEROUTE (using proto 1/icmp)
4740HOP RTT ADDRESS
47411 103.05 ms 10.245.204.1
47422 133.03 ms R43.static.amanah.com (104.245.144.129)
47433 133.12 ms te0-0-2-1.225.nr11.b010988-1.yyz02.atlas.cogentco.com (38.104.156.9)
47444 133.12 ms te0-0-0-1.agr14.yyz02.atlas.cogentco.com (154.24.54.41)
47455 133.11 ms te0-9-1-9.ccr31.yyz02.atlas.cogentco.com (154.54.43.161)
47466 133.18 ms be3259.ccr21.ymq01.atlas.cogentco.com (154.54.41.206)
47477 180.57 ms be3042.ccr21.lpl01.atlas.cogentco.com (154.54.44.161)
47488 211.02 ms be2391.ccr51.lhr01.atlas.cogentco.com (154.54.39.149)
47499 210.99 ms a100-row.demarc.cogentco.com (149.14.196.218)
475010 133.31 ms 52.95.61.46
475111 130.94 ms 52.95.61.53
475212 ...
475313 191.11 ms 176.32.106.225
475414 ...
475515 191.05 ms 52.93.6.234
475616 160.91 ms 52.93.101.41
475717 191.08 ms 52.93.101.40
475818 182.21 ms 52.93.7.139
475919 ... 30
4760######################################################################################################################################
4761Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:28 EST
4762Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4763Host is up (0.075s latency).
4764Not shown: 65532 filtered ports
4765PORT STATE SERVICE VERSION
476625/tcp closed smtp
4767139/tcp closed netbios-ssn
4768445/tcp closed microsoft-ds
4769Too many fingerprints match this host to give specific OS details
4770Network Distance: 2 hops
4771
4772TRACEROUTE (using port 445/tcp)
4773HOP RTT ADDRESS
47741 90.62 ms 10.245.204.1
47752 90.61 ms ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4776#####################################################################################################################################
4777Starting Nmap 7.80 ( https://nmap.org ) at 2020-02-07 03:30 EST
4778Nmap scan report for ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4779Host is up (0.083s latency).
4780
4781PORT STATE SERVICE VERSION
478253/tcp filtered domain
478367/tcp filtered dhcps
478468/tcp filtered dhcpc
478569/tcp filtered tftp
478688/tcp filtered kerberos-sec
4787123/tcp filtered ntp
4788137/tcp filtered netbios-ns
4789138/tcp filtered netbios-dgm
4790139/tcp closed netbios-ssn
4791161/tcp filtered snmp
4792162/tcp filtered snmptrap
4793389/tcp filtered ldap
4794520/tcp filtered efs
47952049/tcp filtered nfs
479653/udp open|filtered domain
479767/udp open|filtered dhcps
479868/udp open|filtered dhcpc
479969/udp open|filtered tftp
480088/udp open|filtered kerberos-sec
4801123/udp open|filtered ntp
4802137/udp filtered netbios-ns
4803138/udp filtered netbios-dgm
4804139/udp open|filtered netbios-ssn
4805161/udp open|filtered snmp
4806162/udp open|filtered snmptrap
4807389/udp open|filtered ldap
4808520/udp open|filtered route
48092049/udp open|filtered nfs
4810Too many fingerprints match this host to give specific OS details
4811Network Distance: 2 hops
4812
4813TRACEROUTE (using port 139/tcp)
4814HOP RTT ADDRESS
48151 101.97 ms 10.245.204.1
48162 101.97 ms ec2-54-73-84-17.eu-west-1.compute.amazonaws.com (54.73.84.17)
4817######################################################################################################################################
4818Hosts
4819=====
4820
4821address mac name os_name os_flavor os_sp purpose info comments
4822------- --- ---- ------- --------- ----- ------- ---- --------
482323.201.103.9 a23-201-103-9.deploy.static.akamaitechnologies.com embedded 6.X device
482434.66.191.217 217.191.66.34.bc.googleusercontent.com Linux 2.4.X server
482545.60.80.235 Linux 3.X server
482652.198.183.13 ec2-52-198-183-13.ap-northeast-1.compute.amazonaws.co embedded device
482754.73.84.17 ec2-54-73-84-17.eu-west-1.compute.amazonaws.com Unknown device
482872.47.224.85 agaacqmame.c03.gridserver.com embedded device
482980.82.79.116 no-reverse-dns-configured.com Linux 7.0 server
483080.209.242.81 muhajeer.com Linux 3.X server
483182.221.139.217 Unknown device
483284.235.91.252 84-235-91-252.saudi.net.sa Unknown device
483387.247.240.207 crayford.servers.prgn.misp.co.uk Android 5.X device
483489.248.172.200 89-248-172-200.constellationservers.net Linux 8.0 server
483593.89.20.20 Unknown device
483693.95.228.158 Linux 18.04 server
483793.113.37.250 adsla250.ch-clienti.ro Linux 2.6.X server
483893.174.93.84 Linux 3.X server
483993.191.156.197 Unknown device
484094.102.51.33 full-dark.net Linux 2.6.X server
4841104.154.60.12 12.60.154.104.bc.googleusercontent.com Linux 2.6.X server
4842104.218.232.66 Linux 3.X server
4843107.154.130.27 107.154.130.27.ip.incapdns.net Linux 3.X server
4844107.154.248.27 107.154.248.27.ip.incapdns.net Linux 3.X server
4845147.237.0.206 embedded device
4846150.95.250.133 embedded device
4847151.139.243.11 Linux 4.X server
4848154.73.84.17 Unknown device
4849157.7.107.254 157-7-107-254.virt.lolipop.jp embedded device
4850159.89.0.72 Linux 16.04 server
4851160.153.72.166 ip-160-153-72-166.ip.secureserver.net Linux 3.X server
4852163.247.52.17 www.mtt.cl Linux 2.6.X server
4853163.247.96.10 Linux 2.6.X server
4854170.246.172.178 host-170-246-172-178.anacondaweb.com Linux 2.6.X server
4855180.222.81.193 bvdeuy193.secure.ne.jp Linux 2.6.X server
4856184.72.111.210 ec2-184-72-111-210.compute-1.amazonaws.com Linux 2.6.X server
4857185.2.4.98 lhcp1098.webapps.net embedded device
4858185.68.93.22 verbatim1981.example.com Unknown device
4859185.119.173.237 Linux 2.6.X server
4860186.67.91.110 ipj10-110.poderjudicial.cl Linux 2.6.X server
4861192.0.78.12 Linux 2.4.X server
4862192.0.78.13 Linux 2.6.X server
4863194.18.73.2 www.sakerhetspolisen.se Linux 2.6.X server
4864194.39.164.140 194.39.164.140.srvlist.ukfast.net Linux 3.X server
4865200.14.67.43 senado.cl Linux 2.6.X server
4866200.14.67.65 Linux 2.6.X server
4867200.35.157.77 srv77.talcaguia.cl Unknown device
4868201.131.38.40 Linux 2.6.X server
4869201.238.246.43 Unknown device
4870202.214.194.138 Linux 2.6.X server
4871202.238.130.103 Linux 2.6.X server
4872203.137.110.66 Unknown device
4873203.183.218.244 Unknown device
4874209.59.165.178 rabbit.ceilingsky.com Linux 2.6.X server
4875210.149.141.34 Unknown device
4876210.152.243.182 Unknown device
4877210.160.220.105 h105.sk3.estore.co.jp embedded device
4878210.160.220.113 h113.sk3.estore.co.jp embedded device
4879210.226.36.2 210-226-36-2.df.nttcomcloud.com Linux 2.6.X server
4880217.160.131.142 s18161039.onlinehome-server.info Linux 2.6.X server
4881######################################################################################################################################
4882Services
4883========
4884
4885host port proto name state info
4886---- ---- ----- ---- ----- ----
488723.201.103.9 25 tcp smtp closed
488823.201.103.9 53 tcp domain filtered
488923.201.103.9 53 udp domain unknown
489023.201.103.9 67 tcp dhcps filtered
489123.201.103.9 67 udp dhcps unknown
489223.201.103.9 68 tcp dhcpc filtered
489323.201.103.9 68 udp dhcpc unknown
489423.201.103.9 69 tcp tftp filtered
489523.201.103.9 69 udp tftp unknown
489623.201.103.9 80 tcp http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
489723.201.103.9 88 tcp kerberos-sec filtered
489823.201.103.9 88 udp kerberos-sec unknown
489923.201.103.9 123 tcp ntp filtered
490023.201.103.9 123 udp ntp unknown
490123.201.103.9 137 tcp netbios-ns filtered
490223.201.103.9 137 udp netbios-ns filtered
490323.201.103.9 138 tcp netbios-dgm filtered
490423.201.103.9 138 udp netbios-dgm filtered
490523.201.103.9 139 tcp netbios-ssn closed
490623.201.103.9 139 udp netbios-ssn unknown
490723.201.103.9 161 tcp snmp filtered
490823.201.103.9 161 udp snmp unknown
490923.201.103.9 162 tcp snmptrap filtered
491023.201.103.9 162 udp snmptrap unknown
491123.201.103.9 389 tcp ldap filtered
491223.201.103.9 389 udp ldap unknown
491323.201.103.9 443 tcp ssl/http open AkamaiGHost Akamai's HTTP Acceleration/Mirror service
491423.201.103.9 445 tcp microsoft-ds closed
491523.201.103.9 520 tcp efs filtered
491623.201.103.9 520 udp route unknown
491723.201.103.9 2049 tcp nfs filtered
491823.201.103.9 2049 udp nfs unknown
491923.201.103.9 8883 tcp secure-mqtt open
492034.66.191.217 25 tcp smtp closed
492134.66.191.217 53 tcp domain filtered
492234.66.191.217 53 udp domain unknown
492334.66.191.217 67 tcp dhcps filtered
492434.66.191.217 67 udp dhcps unknown
492534.66.191.217 68 tcp dhcpc filtered
492634.66.191.217 68 udp dhcpc unknown
492734.66.191.217 69 tcp tftp filtered
492834.66.191.217 69 udp tftp unknown
492934.66.191.217 80 tcp http open nginx
493034.66.191.217 88 tcp kerberos-sec filtered
493134.66.191.217 88 udp kerberos-sec unknown
493234.66.191.217 123 tcp ntp filtered
493334.66.191.217 123 udp ntp unknown
493434.66.191.217 137 tcp netbios-ns filtered
493534.66.191.217 137 udp netbios-ns filtered
493634.66.191.217 138 tcp netbios-dgm filtered
493734.66.191.217 138 udp netbios-dgm filtered
493834.66.191.217 139 tcp netbios-ssn closed
493934.66.191.217 139 udp netbios-ssn unknown
494034.66.191.217 161 tcp snmp filtered
494134.66.191.217 161 udp snmp unknown
494234.66.191.217 162 tcp snmptrap filtered
494334.66.191.217 162 udp snmptrap unknown
494434.66.191.217 389 tcp ldap filtered
494534.66.191.217 389 udp ldap unknown
494634.66.191.217 443 tcp ssl/http open nginx
494734.66.191.217 445 tcp microsoft-ds closed
494834.66.191.217 520 tcp efs filtered
494934.66.191.217 520 udp route unknown
495034.66.191.217 2049 tcp nfs filtered
495134.66.191.217 2049 udp nfs unknown
495234.66.191.217 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
495345.60.80.235 53 tcp domain open
495445.60.80.235 53 udp domain open
495545.60.80.235 67 udp dhcps unknown
495645.60.80.235 68 udp dhcpc unknown
495745.60.80.235 69 udp tftp unknown
495845.60.80.235 80 tcp http open Incapsula CDN httpd
495945.60.80.235 81 tcp http open Incapsula CDN httpd
496045.60.80.235 85 tcp http open Incapsula CDN httpd
496145.60.80.235 88 tcp http open Incapsula CDN httpd
496245.60.80.235 88 udp kerberos-sec unknown
496345.60.80.235 123 udp ntp unknown
496445.60.80.235 139 udp netbios-ssn unknown
496545.60.80.235 161 udp snmp unknown
496645.60.80.235 162 udp snmptrap unknown
496745.60.80.235 389 tcp ssl/http open Incapsula CDN httpd
496845.60.80.235 389 udp ldap unknown
496945.60.80.235 443 tcp ssl/http open Incapsula CDN httpd
497045.60.80.235 444 tcp ssl/http open Incapsula CDN httpd
497145.60.80.235 446 tcp http open Incapsula CDN httpd
497245.60.80.235 520 udp route unknown
497345.60.80.235 587 tcp http open Incapsula CDN httpd
497445.60.80.235 631 tcp http open Incapsula CDN httpd
497545.60.80.235 888 tcp http open Incapsula CDN httpd
497645.60.80.235 995 tcp ssl/http open Incapsula CDN httpd
497745.60.80.235 998 tcp ssl/http open Incapsula CDN httpd
497845.60.80.235 999 tcp http open Incapsula CDN httpd
497945.60.80.235 1000 tcp http open Incapsula CDN httpd
498045.60.80.235 1024 tcp http open Incapsula CDN httpd
498145.60.80.235 1103 tcp http open Incapsula CDN httpd
498245.60.80.235 1234 tcp http open Incapsula CDN httpd
498345.60.80.235 1433 tcp http open Incapsula CDN httpd
498445.60.80.235 1494 tcp http open Incapsula CDN httpd
498545.60.80.235 2000 tcp ssl/http open Incapsula CDN httpd
498645.60.80.235 2001 tcp http open Incapsula CDN httpd
498745.60.80.235 2049 tcp http open Incapsula CDN httpd
498845.60.80.235 2049 udp nfs unknown
498945.60.80.235 2067 tcp http open Incapsula CDN httpd
499045.60.80.235 2100 tcp ssl/http open Incapsula CDN httpd
499145.60.80.235 2222 tcp http open Incapsula CDN httpd
499245.60.80.235 2598 tcp http open Incapsula CDN httpd
499345.60.80.235 3000 tcp http open Incapsula CDN httpd
499445.60.80.235 3050 tcp http open Incapsula CDN httpd
499545.60.80.235 3057 tcp http open Incapsula CDN httpd
499645.60.80.235 3299 tcp http open Incapsula CDN httpd
499745.60.80.235 3306 tcp ssl/http open Incapsula CDN httpd
499845.60.80.235 3333 tcp http open Incapsula CDN httpd
499945.60.80.235 3389 tcp ssl/http open Incapsula CDN httpd
500045.60.80.235 3500 tcp http open Incapsula CDN httpd
500145.60.80.235 3790 tcp http open Incapsula CDN httpd
500245.60.80.235 4000 tcp http open Incapsula CDN httpd
500345.60.80.235 4444 tcp ssl/http open Incapsula CDN httpd
500445.60.80.235 4445 tcp ssl/http open Incapsula CDN httpd
500545.60.80.235 5000 tcp http open Incapsula CDN httpd
500645.60.80.235 5009 tcp http open Incapsula CDN httpd
500745.60.80.235 5060 tcp ssl/http open Incapsula CDN httpd
500845.60.80.235 5061 tcp ssl/http open Incapsula CDN httpd
500945.60.80.235 5227 tcp ssl/http open Incapsula CDN httpd
501045.60.80.235 5247 tcp ssl/http open Incapsula CDN httpd
501145.60.80.235 5250 tcp ssl/http open Incapsula CDN httpd
501245.60.80.235 5555 tcp http open Incapsula CDN httpd
501345.60.80.235 5900 tcp http open Incapsula CDN httpd
501445.60.80.235 5901 tcp ssl/http open Incapsula CDN httpd
501545.60.80.235 5902 tcp ssl/http open Incapsula CDN httpd
501645.60.80.235 5903 tcp ssl/http open Incapsula CDN httpd
501745.60.80.235 5904 tcp ssl/http open Incapsula CDN httpd
501845.60.80.235 5905 tcp ssl/http open Incapsula CDN httpd
501945.60.80.235 5906 tcp ssl/http open Incapsula CDN httpd
502045.60.80.235 5907 tcp ssl/http open Incapsula CDN httpd
502145.60.80.235 5908 tcp ssl/http open Incapsula CDN httpd
502245.60.80.235 5909 tcp ssl/http open Incapsula CDN httpd
502345.60.80.235 5910 tcp ssl/http open Incapsula CDN httpd
502445.60.80.235 5920 tcp ssl/http open Incapsula CDN httpd
502545.60.80.235 5984 tcp ssl/http open Incapsula CDN httpd
502645.60.80.235 5985 tcp http open Incapsula CDN httpd
502745.60.80.235 5986 tcp ssl/http open Incapsula CDN httpd
502845.60.80.235 5999 tcp ssl/http open Incapsula CDN httpd
502945.60.80.235 6000 tcp http open Incapsula CDN httpd
503045.60.80.235 6060 tcp http open Incapsula CDN httpd
503145.60.80.235 6161 tcp http open Incapsula CDN httpd
503245.60.80.235 6379 tcp http open Incapsula CDN httpd
503345.60.80.235 6661 tcp ssl/http open Incapsula CDN httpd
503445.60.80.235 6789 tcp http open Incapsula CDN httpd
503545.60.80.235 7001 tcp http open Incapsula CDN httpd
503645.60.80.235 7021 tcp http open Incapsula CDN httpd
503745.60.80.235 7071 tcp ssl/http open Incapsula CDN httpd
503845.60.80.235 7080 tcp http open Incapsula CDN httpd
503945.60.80.235 7272 tcp ssl/http open Incapsula CDN httpd
504045.60.80.235 7443 tcp ssl/http open Incapsula CDN httpd
504145.60.80.235 7700 tcp http open Incapsula CDN httpd
504245.60.80.235 7777 tcp http open Incapsula CDN httpd
504345.60.80.235 7778 tcp http open Incapsula CDN httpd
504445.60.80.235 8000 tcp http open Incapsula CDN httpd
504545.60.80.235 8001 tcp http open Incapsula CDN httpd
504645.60.80.235 8008 tcp http open Incapsula CDN httpd
504745.60.80.235 8014 tcp http open Incapsula CDN httpd
504845.60.80.235 8020 tcp http open Incapsula CDN httpd
504945.60.80.235 8023 tcp http open Incapsula CDN httpd
505045.60.80.235 8028 tcp http open Incapsula CDN httpd
505145.60.80.235 8030 tcp http open Incapsula CDN httpd
505245.60.80.235 8050 tcp http open Incapsula CDN httpd
505345.60.80.235 8051 tcp http open Incapsula CDN httpd
505445.60.80.235 8080 tcp http open Incapsula CDN httpd
505545.60.80.235 8081 tcp http open Incapsula CDN httpd
505645.60.80.235 8082 tcp http open Incapsula CDN httpd
505745.60.80.235 8085 tcp http open Incapsula CDN httpd
505845.60.80.235 8086 tcp http open Incapsula CDN httpd
505945.60.80.235 8087 tcp http open Incapsula CDN httpd
506045.60.80.235 8088 tcp http open Incapsula CDN httpd
506145.60.80.235 8090 tcp http open Incapsula CDN httpd
506245.60.80.235 8091 tcp http open Incapsula CDN httpd
506345.60.80.235 8095 tcp http open Incapsula CDN httpd
506445.60.80.235 8101 tcp http open Incapsula CDN httpd
506545.60.80.235 8161 tcp http open Incapsula CDN httpd
506645.60.80.235 8180 tcp http open Incapsula CDN httpd
506745.60.80.235 8222 tcp http open Incapsula CDN httpd
506845.60.80.235 8333 tcp http open Incapsula CDN httpd
506945.60.80.235 8443 tcp ssl/http open Incapsula CDN httpd
507045.60.80.235 8444 tcp http open Incapsula CDN httpd
507145.60.80.235 8445 tcp http open Incapsula CDN httpd
507245.60.80.235 8503 tcp ssl/http open Incapsula CDN httpd
507345.60.80.235 8686 tcp http open Incapsula CDN httpd
507445.60.80.235 8787 tcp http open Incapsula CDN httpd
507545.60.80.235 8800 tcp http open Incapsula CDN httpd
507645.60.80.235 8812 tcp http open Incapsula CDN httpd
507745.60.80.235 8834 tcp http open Incapsula CDN httpd
507845.60.80.235 8880 tcp http open Incapsula CDN httpd
507945.60.80.235 8888 tcp http open Incapsula CDN httpd
508045.60.80.235 8890 tcp http open Incapsula CDN httpd
508145.60.80.235 8899 tcp http open Incapsula CDN httpd
508245.60.80.235 8901 tcp http open Incapsula CDN httpd
508345.60.80.235 8902 tcp http open Incapsula CDN httpd
508445.60.80.235 8999 tcp http open Incapsula CDN httpd
508545.60.80.235 9000 tcp http open Incapsula CDN httpd
508645.60.80.235 9001 tcp http open Incapsula CDN httpd
508745.60.80.235 9002 tcp http open Incapsula CDN httpd
508845.60.80.235 9003 tcp http open Incapsula CDN httpd
508945.60.80.235 9004 tcp http open Incapsula CDN httpd
509045.60.80.235 9005 tcp http open Incapsula CDN httpd
509145.60.80.235 9010 tcp http open Incapsula CDN httpd
509245.60.80.235 9050 tcp http open Incapsula CDN httpd
509345.60.80.235 9080 tcp http open Incapsula CDN httpd
509445.60.80.235 9081 tcp ssl/http open Incapsula CDN httpd
509545.60.80.235 9084 tcp http open Incapsula CDN httpd
509645.60.80.235 9090 tcp http open Incapsula CDN httpd
509745.60.80.235 9099 tcp http open Incapsula CDN httpd
509845.60.80.235 9100 tcp jetdirect open
509945.60.80.235 9111 tcp http open Incapsula CDN httpd
510045.60.80.235 9200 tcp http open Incapsula CDN httpd
510145.60.80.235 9300 tcp http open Incapsula CDN httpd
510245.60.80.235 9500 tcp http open Incapsula CDN httpd
510345.60.80.235 9711 tcp ssl/http open Incapsula CDN httpd
510445.60.80.235 9991 tcp http open Incapsula CDN httpd
510545.60.80.235 9999 tcp http open Incapsula CDN httpd
510645.60.80.235 10000 tcp http open Incapsula CDN httpd
510752.198.183.13 25 tcp smtp closed
510852.198.183.13 53 tcp domain filtered
510952.198.183.13 53 udp domain unknown
511052.198.183.13 67 tcp dhcps filtered
511152.198.183.13 67 udp dhcps unknown
511252.198.183.13 68 tcp dhcpc filtered
511352.198.183.13 68 udp dhcpc unknown
511452.198.183.13 69 tcp tftp filtered
511552.198.183.13 69 udp tftp unknown
511652.198.183.13 80 tcp http open nginx
511752.198.183.13 88 tcp kerberos-sec filtered
511852.198.183.13 88 udp kerberos-sec unknown
511952.198.183.13 123 tcp ntp filtered
512052.198.183.13 123 udp ntp unknown
512152.198.183.13 137 tcp netbios-ns filtered
512252.198.183.13 137 udp netbios-ns filtered
512352.198.183.13 138 tcp netbios-dgm filtered
512452.198.183.13 138 udp netbios-dgm filtered
512552.198.183.13 139 tcp netbios-ssn closed
512652.198.183.13 139 udp netbios-ssn unknown
512752.198.183.13 161 tcp snmp filtered
512852.198.183.13 161 udp snmp unknown
512952.198.183.13 162 tcp snmptrap filtered
513052.198.183.13 162 udp snmptrap unknown
513152.198.183.13 389 tcp ldap filtered
513252.198.183.13 389 udp ldap unknown
513352.198.183.13 443 tcp ssl/http open nginx
513452.198.183.13 445 tcp microsoft-ds closed
513552.198.183.13 520 tcp efs filtered
513652.198.183.13 520 udp route unknown
513752.198.183.13 2049 tcp nfs filtered
513852.198.183.13 2049 udp nfs unknown
513954.73.84.17 25 tcp smtp closed
514054.73.84.17 53 tcp domain filtered
514154.73.84.17 53 udp domain unknown
514254.73.84.17 67 tcp dhcps filtered
514354.73.84.17 67 udp dhcps unknown
514454.73.84.17 68 tcp dhcpc filtered
514554.73.84.17 68 udp dhcpc unknown
514654.73.84.17 69 tcp tftp filtered
514754.73.84.17 69 udp tftp unknown
514854.73.84.17 88 tcp kerberos-sec filtered
514954.73.84.17 88 udp kerberos-sec unknown
515054.73.84.17 123 tcp ntp filtered
515154.73.84.17 123 udp ntp unknown
515254.73.84.17 137 tcp netbios-ns filtered
515354.73.84.17 137 udp netbios-ns filtered
515454.73.84.17 138 tcp netbios-dgm filtered
515554.73.84.17 138 udp netbios-dgm filtered
515654.73.84.17 139 tcp netbios-ssn closed
515754.73.84.17 139 udp netbios-ssn unknown
515854.73.84.17 161 tcp snmp filtered
515954.73.84.17 161 udp snmp unknown
516054.73.84.17 162 tcp snmptrap filtered
516154.73.84.17 162 udp snmptrap unknown
516254.73.84.17 389 tcp ldap filtered
516354.73.84.17 389 udp ldap unknown
516454.73.84.17 445 tcp microsoft-ds closed
516554.73.84.17 520 tcp efs filtered
516654.73.84.17 520 udp route unknown
516754.73.84.17 2049 tcp nfs filtered
516854.73.84.17 2049 udp nfs unknown
516972.47.224.85 25 tcp smtp closed
517072.47.224.85 53 tcp domain filtered
517172.47.224.85 53 udp domain unknown
517272.47.224.85 67 tcp dhcps filtered
517372.47.224.85 67 udp dhcps unknown
517472.47.224.85 68 tcp dhcpc filtered
517572.47.224.85 68 udp dhcpc unknown
517672.47.224.85 69 tcp tftp filtered
517772.47.224.85 69 udp tftp unknown
517872.47.224.85 80 tcp http open Apache httpd 2.4.39
517972.47.224.85 88 tcp kerberos-sec filtered
518072.47.224.85 88 udp kerberos-sec unknown
518172.47.224.85 110 tcp pop3 open Dovecot pop3d
518272.47.224.85 123 tcp ntp filtered
518372.47.224.85 123 udp ntp unknown
518472.47.224.85 137 tcp netbios-ns filtered
518572.47.224.85 137 udp netbios-ns filtered
518672.47.224.85 138 tcp netbios-dgm filtered
518772.47.224.85 138 udp netbios-dgm filtered
518872.47.224.85 139 tcp netbios-ssn closed
518972.47.224.85 139 udp netbios-ssn unknown
519072.47.224.85 143 tcp imap open Dovecot imapd
519172.47.224.85 161 tcp snmp filtered
519272.47.224.85 161 udp snmp unknown
519372.47.224.85 162 tcp snmptrap filtered
519472.47.224.85 162 udp snmptrap unknown
519572.47.224.85 389 tcp ldap filtered
519672.47.224.85 389 udp ldap unknown
519772.47.224.85 443 tcp ssl/http open nginx 1.16.1
519872.47.224.85 445 tcp microsoft-ds closed
519972.47.224.85 465 tcp ssl/smtp open Exim smtpd 4.84_2
520072.47.224.85 520 tcp efs filtered
520172.47.224.85 520 udp route unknown
520272.47.224.85 587 tcp smtp open Exim smtpd 4.84_2
520372.47.224.85 993 tcp ssl/imaps open
520472.47.224.85 995 tcp ssl/pop3s open
520572.47.224.85 2049 tcp nfs filtered
520672.47.224.85 2049 udp nfs unknown
520780.82.79.116 21 tcp ftp open 220 (vsFTPd 3.0.2)\x0d\x0a
520880.82.79.116 22 tcp ssh open SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u6
520980.82.79.116 53 tcp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
521080.82.79.116 53 udp domain open ISC BIND 9.8.4-rpz2+rl005.12-P1
521180.82.79.116 67 tcp dhcps closed
521280.82.79.116 67 udp dhcps closed
521380.82.79.116 68 tcp dhcpc closed
521480.82.79.116 68 udp dhcpc closed
521580.82.79.116 69 tcp tftp closed
521680.82.79.116 69 udp tftp unknown
521780.82.79.116 88 tcp kerberos-sec closed
521880.82.79.116 88 udp kerberos-sec unknown
521980.82.79.116 123 tcp ntp closed
522080.82.79.116 123 udp ntp unknown
522180.82.79.116 137 tcp netbios-ns closed
522280.82.79.116 137 udp netbios-ns filtered
522380.82.79.116 138 tcp netbios-dgm closed
522480.82.79.116 138 udp netbios-dgm filtered
522580.82.79.116 139 tcp netbios-ssn closed
522680.82.79.116 139 udp netbios-ssn unknown
522780.82.79.116 161 tcp snmp closed
522880.82.79.116 161 udp snmp closed
522980.82.79.116 162 tcp snmptrap closed
523080.82.79.116 162 udp snmptrap closed
523180.82.79.116 389 tcp ldap closed
523280.82.79.116 389 udp ldap closed
523380.82.79.116 520 tcp efs closed
523480.82.79.116 520 udp route closed
523580.82.79.116 2049 tcp nfs closed
523680.82.79.116 2049 udp nfs unknown
523780.209.242.81 21 tcp ftp open 220 FTP Server ready.\x0d\x0a
523880.209.242.81 22 tcp ssh open SSH-2.0-OpenSSH_7.4
523980.209.242.81 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
524080.209.242.81 53 udp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
524180.209.242.81 67 tcp dhcps filtered
524280.209.242.81 67 udp dhcps unknown
524380.209.242.81 68 tcp dhcpc filtered
524480.209.242.81 68 udp dhcpc unknown
524580.209.242.81 69 tcp tftp filtered
524680.209.242.81 69 udp tftp unknown
524780.209.242.81 88 tcp kerberos-sec filtered
524880.209.242.81 88 udp kerberos-sec unknown
524980.209.242.81 123 tcp ntp filtered
525080.209.242.81 123 udp ntp unknown
525180.209.242.81 137 tcp netbios-ns filtered
525280.209.242.81 137 udp netbios-ns filtered
525380.209.242.81 138 tcp netbios-dgm filtered
525480.209.242.81 138 udp netbios-dgm filtered
525580.209.242.81 139 tcp netbios-ssn closed
525680.209.242.81 139 udp netbios-ssn unknown
525780.209.242.81 161 tcp snmp filtered
525880.209.242.81 161 udp snmp unknown
525980.209.242.81 162 tcp snmptrap filtered
526080.209.242.81 162 udp snmptrap unknown
526180.209.242.81 389 tcp ldap filtered
526280.209.242.81 389 udp ldap filtered
526380.209.242.81 520 tcp efs filtered
526480.209.242.81 520 udp route unknown
526580.209.242.81 2049 tcp nfs filtered
526680.209.242.81 2049 udp nfs unknown
526782.221.139.217 22 tcp ssh open SSH-2.0-OpenSSH_5.3
526884.235.91.252 25 tcp smtp closed
526984.235.91.252 53 tcp domain filtered
527084.235.91.252 53 udp domain unknown
527184.235.91.252 67 tcp dhcps filtered
527284.235.91.252 67 udp dhcps unknown
527384.235.91.252 68 tcp dhcpc filtered
527484.235.91.252 68 udp dhcpc unknown
527584.235.91.252 69 tcp tftp filtered
527684.235.91.252 69 udp tftp unknown
527784.235.91.252 88 tcp kerberos-sec filtered
527884.235.91.252 88 udp kerberos-sec unknown
527984.235.91.252 123 tcp ntp filtered
528084.235.91.252 123 udp ntp unknown
528184.235.91.252 137 tcp netbios-ns filtered
528284.235.91.252 137 udp netbios-ns filtered
528384.235.91.252 138 tcp netbios-dgm filtered
528484.235.91.252 138 udp netbios-dgm filtered
528584.235.91.252 139 tcp netbios-ssn closed
528684.235.91.252 139 udp netbios-ssn unknown
528784.235.91.252 161 tcp snmp filtered
528884.235.91.252 161 udp snmp unknown
528984.235.91.252 162 tcp snmptrap filtered
529084.235.91.252 162 udp snmptrap unknown
529184.235.91.252 389 tcp ldap filtered
529284.235.91.252 389 udp ldap unknown
529384.235.91.252 445 tcp microsoft-ds closed
529484.235.91.252 520 tcp efs filtered
529584.235.91.252 520 udp route unknown
529684.235.91.252 2049 tcp nfs filtered
529784.235.91.252 2049 udp nfs unknown
529887.247.240.207 21 tcp ftp open ProFTPD
529987.247.240.207 22 tcp ssh open OpenSSH 7.4 protocol 2.0
530087.247.240.207 67 udp dhcps unknown
530187.247.240.207 68 udp dhcpc unknown
530287.247.240.207 69 udp tftp unknown
530387.247.240.207 80 tcp http open Apache httpd
530487.247.240.207 88 udp kerberos-sec unknown
530587.247.240.207 110 tcp pop3 open Dovecot pop3d
530687.247.240.207 123 udp ntp unknown
530787.247.240.207 139 udp netbios-ssn unknown
530887.247.240.207 143 tcp imap open Dovecot imapd
530987.247.240.207 161 udp snmp unknown
531087.247.240.207 162 udp snmptrap unknown
531187.247.240.207 389 udp ldap unknown
531287.247.240.207 443 tcp ssl/http open Apache httpd
531387.247.240.207 465 tcp ssl/smtp open Exim smtpd 4.92
531487.247.240.207 520 udp route unknown
531587.247.240.207 587 tcp smtp open Exim smtpd 4.92
531687.247.240.207 993 tcp ssl/imaps open
531787.247.240.207 995 tcp ssl/pop3s open
531887.247.240.207 2049 udp nfs unknown
531989.248.172.200 22 tcp ssh open SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
532089.248.172.200 53 tcp domain closed
532189.248.172.200 53 udp domain closed
532289.248.172.200 67 tcp dhcps closed
532389.248.172.200 67 udp dhcps closed
532489.248.172.200 68 tcp dhcpc closed
532589.248.172.200 68 udp dhcpc closed
532689.248.172.200 69 tcp tftp closed
532789.248.172.200 69 udp tftp closed
532889.248.172.200 88 tcp kerberos-sec closed
532989.248.172.200 88 udp kerberos-sec unknown
533089.248.172.200 123 tcp ntp closed
533189.248.172.200 123 udp ntp unknown
533289.248.172.200 137 tcp netbios-ns closed
533389.248.172.200 137 udp netbios-ns filtered
533489.248.172.200 138 tcp netbios-dgm closed
533589.248.172.200 138 udp netbios-dgm filtered
533689.248.172.200 139 tcp netbios-ssn closed
533789.248.172.200 139 udp netbios-ssn closed
533889.248.172.200 161 tcp snmp closed
533989.248.172.200 161 udp snmp closed
534089.248.172.200 162 tcp snmptrap closed
534189.248.172.200 162 udp snmptrap unknown
534289.248.172.200 389 tcp ldap closed
534389.248.172.200 389 udp ldap closed
534489.248.172.200 520 tcp efs closed
534589.248.172.200 520 udp route closed
534689.248.172.200 2049 tcp nfs closed
534789.248.172.200 2049 udp nfs unknown
534893.89.20.20 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 21:36. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
534993.95.228.158 22 tcp ssh open SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
535093.113.37.250 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 13:36. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
535193.113.37.250 53 tcp domain open PowerDNS Authoritative Server 4.1.10
535293.113.37.250 53 udp domain open PowerDNS Authoritative Server 4.1.10
535393.113.37.250 389 udp ldap unknown
535493.113.37.250 520 udp route unknown
535593.113.37.250 2049 udp nfs unknown
535693.174.93.84 21 tcp ftp open vsftpd 3.0.2
535793.174.93.84 25 tcp smtp closed
535893.174.93.84 53 tcp domain filtered
535993.174.93.84 53 udp domain filtered
536093.174.93.84 67 tcp dhcps filtered
536193.174.93.84 67 udp dhcps filtered
536293.174.93.84 68 tcp dhcpc filtered
536393.174.93.84 68 udp dhcpc unknown
536493.174.93.84 69 tcp tftp filtered
536593.174.93.84 69 udp tftp unknown
536693.174.93.84 80 tcp http open Apache httpd 2.4.6 (CentOS) PHP/5.4.16
536793.174.93.84 88 tcp kerberos-sec filtered
536893.174.93.84 88 udp kerberos-sec unknown
536993.174.93.84 123 tcp ntp filtered
537093.174.93.84 123 udp ntp filtered
537193.174.93.84 137 tcp netbios-ns filtered
537293.174.93.84 137 udp netbios-ns filtered
537393.174.93.84 138 tcp netbios-dgm filtered
537493.174.93.84 138 udp netbios-dgm filtered
537593.174.93.84 139 tcp netbios-ssn closed
537693.174.93.84 139 udp netbios-ssn unknown
537793.174.93.84 161 tcp snmp filtered
537893.174.93.84 161 udp snmp unknown
537993.174.93.84 162 tcp snmptrap filtered
538093.174.93.84 162 udp snmptrap unknown
538193.174.93.84 389 tcp ldap filtered
538293.174.93.84 389 udp ldap filtered
538393.174.93.84 445 tcp microsoft-ds closed
538493.174.93.84 520 tcp efs filtered
538593.174.93.84 520 udp route unknown
538693.174.93.84 2049 tcp nfs filtered
538793.174.93.84 2049 udp nfs unknown
538893.191.156.197 22 tcp ssh open SSH-2.0-OpenSSH_5.3
538994.102.51.33 22 tcp ssh open
539094.102.51.33 53 tcp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
539194.102.51.33 53 udp domain open ISC BIND 9.9.4 RedHat Enterprise Linux 7
539294.102.51.33 67 tcp dhcps filtered
539394.102.51.33 67 udp dhcps unknown
539494.102.51.33 68 tcp dhcpc filtered
539594.102.51.33 68 udp dhcpc unknown
539694.102.51.33 69 tcp tftp filtered
539794.102.51.33 69 udp tftp unknown
539894.102.51.33 80 tcp http open nginx
539994.102.51.33 88 tcp kerberos-sec filtered
540094.102.51.33 88 udp kerberos-sec unknown
540194.102.51.33 110 tcp pop3 open Dovecot pop3d
540294.102.51.33 123 tcp ntp filtered
540394.102.51.33 123 udp ntp unknown
540494.102.51.33 137 tcp netbios-ns filtered
540594.102.51.33 137 udp netbios-ns filtered
540694.102.51.33 138 tcp netbios-dgm filtered
540794.102.51.33 138 udp netbios-dgm filtered
540894.102.51.33 139 tcp netbios-ssn closed
540994.102.51.33 139 udp netbios-ssn unknown
541094.102.51.33 143 tcp imap open Dovecot imapd
541194.102.51.33 161 tcp snmp filtered
541294.102.51.33 161 udp snmp unknown
541394.102.51.33 162 tcp snmptrap filtered
541494.102.51.33 162 udp snmptrap unknown
541594.102.51.33 389 tcp ldap filtered
541694.102.51.33 389 udp ldap unknown
541794.102.51.33 465 tcp ssl/smtp open Exim smtpd 4.89
541894.102.51.33 520 tcp efs filtered
541994.102.51.33 520 udp route unknown
542094.102.51.33 993 tcp ssl/imaps open
542194.102.51.33 995 tcp ssl/pop3s open
542294.102.51.33 2049 tcp nfs filtered
542394.102.51.33 2049 udp nfs unknown
5424104.154.60.12 25 tcp smtp closed
5425104.154.60.12 53 tcp domain filtered
5426104.154.60.12 53 udp domain unknown
5427104.154.60.12 67 tcp dhcps filtered
5428104.154.60.12 67 udp dhcps unknown
5429104.154.60.12 68 tcp dhcpc filtered
5430104.154.60.12 68 udp dhcpc unknown
5431104.154.60.12 69 tcp tftp filtered
5432104.154.60.12 69 udp tftp unknown
5433104.154.60.12 80 tcp http open nginx
5434104.154.60.12 88 tcp kerberos-sec filtered
5435104.154.60.12 88 udp kerberos-sec unknown
5436104.154.60.12 123 tcp ntp filtered
5437104.154.60.12 123 udp ntp unknown
5438104.154.60.12 137 tcp netbios-ns filtered
5439104.154.60.12 137 udp netbios-ns filtered
5440104.154.60.12 138 tcp netbios-dgm filtered
5441104.154.60.12 138 udp netbios-dgm filtered
5442104.154.60.12 139 tcp netbios-ssn closed
5443104.154.60.12 139 udp netbios-ssn unknown
5444104.154.60.12 161 tcp snmp filtered
5445104.154.60.12 161 udp snmp unknown
5446104.154.60.12 162 tcp snmptrap filtered
5447104.154.60.12 162 udp snmptrap unknown
5448104.154.60.12 389 tcp ldap filtered
5449104.154.60.12 389 udp ldap unknown
5450104.154.60.12 443 tcp ssl/http open nginx
5451104.154.60.12 445 tcp microsoft-ds closed
5452104.154.60.12 520 tcp efs filtered
5453104.154.60.12 520 udp route unknown
5454104.154.60.12 2049 tcp nfs filtered
5455104.154.60.12 2049 udp nfs unknown
5456104.154.60.12 2222 tcp ssh open ProFTPD mod_sftp 0.9.9 protocol 2.0
5457104.218.232.66 22 tcp ssh open OpenSSH 7.4p1 Debian 10+deb9u3 protocol 2.0
5458104.218.232.66 53 tcp domain closed
5459104.218.232.66 53 udp domain unknown
5460104.218.232.66 67 tcp dhcps closed
5461104.218.232.66 67 udp dhcps unknown
5462104.218.232.66 68 tcp dhcpc closed
5463104.218.232.66 68 udp dhcpc closed
5464104.218.232.66 69 tcp tftp closed
5465104.218.232.66 69 udp tftp closed
5466104.218.232.66 80 tcp http open ngjit
5467104.218.232.66 88 tcp kerberos-sec closed
5468104.218.232.66 88 udp kerberos-sec closed
5469104.218.232.66 123 tcp ntp closed
5470104.218.232.66 123 udp ntp closed
5471104.218.232.66 137 tcp netbios-ns closed
5472104.218.232.66 137 udp netbios-ns filtered
5473104.218.232.66 138 tcp netbios-dgm closed
5474104.218.232.66 138 udp netbios-dgm filtered
5475104.218.232.66 139 tcp netbios-ssn closed
5476104.218.232.66 139 udp netbios-ssn closed
5477104.218.232.66 161 tcp snmp closed
5478104.218.232.66 161 udp snmp unknown
5479104.218.232.66 162 tcp snmptrap closed
5480104.218.232.66 162 udp snmptrap closed
5481104.218.232.66 389 tcp ldap closed
5482104.218.232.66 389 udp ldap closed
5483104.218.232.66 443 tcp ssl/https open ngjit
5484104.218.232.66 520 tcp efs closed
5485104.218.232.66 520 udp route unknown
5486104.218.232.66 2049 tcp nfs closed
5487104.218.232.66 2049 udp nfs closed
5488107.154.130.27 53 tcp domain open
5489107.154.130.27 53 udp domain open
5490107.154.130.27 67 tcp dhcps filtered
5491107.154.130.27 67 udp dhcps unknown
5492107.154.130.27 68 tcp dhcpc filtered
5493107.154.130.27 68 udp dhcpc unknown
5494107.154.130.27 69 tcp tftp filtered
5495107.154.130.27 69 udp tftp unknown
5496107.154.130.27 88 tcp http open Incapsula CDN httpd
5497107.154.130.27 88 udp kerberos-sec unknown
5498107.154.130.27 123 tcp ntp filtered
5499107.154.130.27 123 udp ntp unknown
5500107.154.130.27 137 tcp netbios-ns filtered
5501107.154.130.27 137 udp netbios-ns filtered
5502107.154.130.27 138 tcp netbios-dgm filtered
5503107.154.130.27 138 udp netbios-dgm filtered
5504107.154.130.27 139 tcp netbios-ssn closed
5505107.154.130.27 139 udp netbios-ssn unknown
5506107.154.130.27 161 tcp snmp filtered
5507107.154.130.27 161 udp snmp unknown
5508107.154.130.27 162 tcp snmptrap filtered
5509107.154.130.27 162 udp snmptrap unknown
5510107.154.130.27 389 tcp ssl/http open Incapsula CDN httpd
5511107.154.130.27 389 udp ldap unknown
5512107.154.130.27 520 tcp efs filtered
5513107.154.130.27 520 udp route unknown
5514107.154.130.27 2049 tcp http open Incapsula CDN httpd
5515107.154.130.27 2049 udp nfs unknown
5516107.154.248.27 53 tcp domain open
5517107.154.248.27 80 tcp http open Incapsula CDN httpd
5518107.154.248.27 81 tcp http open Incapsula CDN httpd
5519107.154.248.27 85 tcp http open Incapsula CDN httpd
5520107.154.248.27 88 tcp http open Incapsula CDN httpd
5521107.154.248.27 389 tcp ssl/http open Incapsula CDN httpd
5522107.154.248.27 443 tcp ssl/http open Incapsula CDN httpd
5523107.154.248.27 444 tcp ssl/http open Incapsula CDN httpd
5524107.154.248.27 446 tcp http open Incapsula CDN httpd
5525107.154.248.27 587 tcp http open Incapsula CDN httpd
5526107.154.248.27 631 tcp http open Incapsula CDN httpd
5527107.154.248.27 888 tcp http open Incapsula CDN httpd
5528107.154.248.27 995 tcp ssl/http open Incapsula CDN httpd
5529107.154.248.27 998 tcp ssl/http open Incapsula CDN httpd
5530107.154.248.27 999 tcp http open Incapsula CDN httpd
5531107.154.248.27 1000 tcp http open Incapsula CDN httpd
5532107.154.248.27 1024 tcp http open Incapsula CDN httpd
5533107.154.248.27 1103 tcp http open Incapsula CDN httpd
5534107.154.248.27 1234 tcp http open Incapsula CDN httpd
5535107.154.248.27 1433 tcp http open Incapsula CDN httpd
5536107.154.248.27 1494 tcp http open Incapsula CDN httpd
5537107.154.248.27 2000 tcp ssl/http open Incapsula CDN httpd
5538107.154.248.27 2001 tcp http open Incapsula CDN httpd
5539107.154.248.27 2049 tcp http open Incapsula CDN httpd
5540107.154.248.27 2067 tcp http open Incapsula CDN httpd
5541107.154.248.27 2100 tcp ssl/http open Incapsula CDN httpd
5542107.154.248.27 2222 tcp http open Incapsula CDN httpd
5543107.154.248.27 2598 tcp http open Incapsula CDN httpd
5544107.154.248.27 3000 tcp http open Incapsula CDN httpd
5545107.154.248.27 3050 tcp http open Incapsula CDN httpd
5546107.154.248.27 3057 tcp http open Incapsula CDN httpd
5547107.154.248.27 3299 tcp http open Incapsula CDN httpd
5548107.154.248.27 3306 tcp ssl/http open Incapsula CDN httpd
5549107.154.248.27 3333 tcp http open Incapsula CDN httpd
5550107.154.248.27 3389 tcp ssl/http open Incapsula CDN httpd
5551107.154.248.27 3500 tcp http open Incapsula CDN httpd
5552107.154.248.27 3790 tcp http open Incapsula CDN httpd
5553107.154.248.27 4000 tcp http open Incapsula CDN httpd
5554107.154.248.27 4444 tcp ssl/http open Incapsula CDN httpd
5555107.154.248.27 4445 tcp ssl/http open Incapsula CDN httpd
5556107.154.248.27 5000 tcp http open Incapsula CDN httpd
5557107.154.248.27 5009 tcp http open Incapsula CDN httpd
5558107.154.248.27 5060 tcp ssl/http open Incapsula CDN httpd
5559107.154.248.27 5061 tcp ssl/http open Incapsula CDN httpd
5560107.154.248.27 5227 tcp ssl/http open Incapsula CDN httpd
5561107.154.248.27 5247 tcp ssl/http open Incapsula CDN httpd
5562107.154.248.27 5250 tcp ssl/http open Incapsula CDN httpd
5563107.154.248.27 5555 tcp http open Incapsula CDN httpd
5564107.154.248.27 5900 tcp http open Incapsula CDN httpd
5565107.154.248.27 5901 tcp ssl/http open Incapsula CDN httpd
5566107.154.248.27 5902 tcp ssl/http open Incapsula CDN httpd
5567107.154.248.27 5903 tcp ssl/http open Incapsula CDN httpd
5568107.154.248.27 5904 tcp ssl/http open Incapsula CDN httpd
5569107.154.248.27 5905 tcp ssl/http open Incapsula CDN httpd
5570107.154.248.27 5906 tcp ssl/http open Incapsula CDN httpd
5571107.154.248.27 5907 tcp ssl/http open Incapsula CDN httpd
5572107.154.248.27 5908 tcp ssl/http open Incapsula CDN httpd
5573107.154.248.27 5909 tcp ssl/http open Incapsula CDN httpd
5574107.154.248.27 5910 tcp ssl/http open Incapsula CDN httpd
5575107.154.248.27 5920 tcp ssl/http open Incapsula CDN httpd
5576107.154.248.27 5984 tcp ssl/http open Incapsula CDN httpd
5577107.154.248.27 5985 tcp http open Incapsula CDN httpd
5578107.154.248.27 5986 tcp ssl/http open Incapsula CDN httpd
5579107.154.248.27 5999 tcp ssl/http open Incapsula CDN httpd
5580107.154.248.27 6000 tcp http open Incapsula CDN httpd
5581107.154.248.27 6060 tcp http open Incapsula CDN httpd
5582107.154.248.27 6161 tcp http open Incapsula CDN httpd
5583107.154.248.27 6379 tcp http open Incapsula CDN httpd
5584107.154.248.27 6661 tcp ssl/http open Incapsula CDN httpd
5585107.154.248.27 6789 tcp http open Incapsula CDN httpd
5586107.154.248.27 7000 tcp ssl/http open Incapsula CDN httpd
5587107.154.248.27 7001 tcp http open Incapsula CDN httpd
5588107.154.248.27 7021 tcp http open Incapsula CDN httpd
5589107.154.248.27 7071 tcp ssl/http open Incapsula CDN httpd
5590107.154.248.27 7080 tcp http open Incapsula CDN httpd
5591107.154.248.27 7272 tcp ssl/http open Incapsula CDN httpd
5592107.154.248.27 7443 tcp ssl/http open Incapsula CDN httpd
5593107.154.248.27 7700 tcp http open Incapsula CDN httpd
5594107.154.248.27 7777 tcp http open Incapsula CDN httpd
5595107.154.248.27 7778 tcp http open Incapsula CDN httpd
5596107.154.248.27 8000 tcp http open Incapsula CDN httpd
5597107.154.248.27 8001 tcp http open Incapsula CDN httpd
5598107.154.248.27 8008 tcp http open Incapsula CDN httpd
5599107.154.248.27 8014 tcp http open Incapsula CDN httpd
5600107.154.248.27 8020 tcp http open Incapsula CDN httpd
5601107.154.248.27 8023 tcp http open Incapsula CDN httpd
5602107.154.248.27 8028 tcp http open Incapsula CDN httpd
5603107.154.248.27 8030 tcp http open Incapsula CDN httpd
5604107.154.248.27 8050 tcp http open Incapsula CDN httpd
5605107.154.248.27 8051 tcp http open Incapsula CDN httpd
5606107.154.248.27 8080 tcp http open Incapsula CDN httpd
5607107.154.248.27 8081 tcp http open Incapsula CDN httpd
5608107.154.248.27 8082 tcp http open Incapsula CDN httpd
5609107.154.248.27 8085 tcp http open Incapsula CDN httpd
5610107.154.248.27 8086 tcp http open Incapsula CDN httpd
5611107.154.248.27 8087 tcp http open Incapsula CDN httpd
5612107.154.248.27 8088 tcp http open Incapsula CDN httpd
5613107.154.248.27 8090 tcp http open Incapsula CDN httpd
5614107.154.248.27 8091 tcp http open Incapsula CDN httpd
5615107.154.248.27 8095 tcp http open Incapsula CDN httpd
5616107.154.248.27 8101 tcp http open Incapsula CDN httpd
5617107.154.248.27 8161 tcp http open Incapsula CDN httpd
5618107.154.248.27 8180 tcp http open Incapsula CDN httpd
5619107.154.248.27 8222 tcp http open Incapsula CDN httpd
5620107.154.248.27 8333 tcp http open Incapsula CDN httpd
5621107.154.248.27 8443 tcp ssl/http open Incapsula CDN httpd
5622107.154.248.27 8444 tcp http open Incapsula CDN httpd
5623107.154.248.27 8445 tcp http open Incapsula CDN httpd
5624107.154.248.27 8503 tcp ssl/http open Incapsula CDN httpd
5625107.154.248.27 8686 tcp http open Incapsula CDN httpd
5626107.154.248.27 8787 tcp http open Incapsula CDN httpd
5627107.154.248.27 8800 tcp http open Incapsula CDN httpd
5628107.154.248.27 8812 tcp http open Incapsula CDN httpd
5629107.154.248.27 8834 tcp http open Incapsula CDN httpd
5630107.154.248.27 8880 tcp http open Incapsula CDN httpd
5631107.154.248.27 8888 tcp http open Incapsula CDN httpd
5632107.154.248.27 8889 tcp http open Incapsula CDN httpd
5633107.154.248.27 8890 tcp http open Incapsula CDN httpd
5634107.154.248.27 8899 tcp http open Incapsula CDN httpd
5635107.154.248.27 9000 tcp http open Incapsula CDN httpd
5636107.154.248.27 9001 tcp http open Incapsula CDN httpd
5637107.154.248.27 9002 tcp http open Incapsula CDN httpd
5638107.154.248.27 9003 tcp http open Incapsula CDN httpd
5639107.154.248.27 9004 tcp http open Incapsula CDN httpd
5640107.154.248.27 9005 tcp http open Incapsula CDN httpd
5641107.154.248.27 9010 tcp http open Incapsula CDN httpd
5642107.154.248.27 9050 tcp http open Incapsula CDN httpd
5643107.154.248.27 9080 tcp http open Incapsula CDN httpd
5644107.154.248.27 9081 tcp ssl/http open Incapsula CDN httpd
5645107.154.248.27 9084 tcp http open Incapsula CDN httpd
5646107.154.248.27 9090 tcp http open Incapsula CDN httpd
5647107.154.248.27 9099 tcp http open Incapsula CDN httpd
5648107.154.248.27 9100 tcp jetdirect open
5649107.154.248.27 9111 tcp http open Incapsula CDN httpd
5650107.154.248.27 9200 tcp http open Incapsula CDN httpd
5651107.154.248.27 9300 tcp http open Incapsula CDN httpd
5652107.154.248.27 9500 tcp http open Incapsula CDN httpd
5653107.154.248.27 9711 tcp ssl/http open Incapsula CDN httpd
5654107.154.248.27 9991 tcp http open Incapsula CDN httpd
5655107.154.248.27 9999 tcp http open Incapsula CDN httpd
5656107.154.248.27 10000 tcp http open Incapsula CDN httpd
5657107.154.248.27 10001 tcp http open Incapsula CDN httpd
5658107.154.248.27 10008 tcp http open Incapsula CDN httpd
5659107.154.248.27 10443 tcp ssl/http open Incapsula CDN httpd
5660107.154.248.27 11001 tcp ssl/http open Incapsula CDN httpd
5661107.154.248.27 12174 tcp http open Incapsula CDN httpd
5662107.154.248.27 12203 tcp http open Incapsula CDN httpd
5663107.154.248.27 12221 tcp http open Incapsula CDN httpd
5664107.154.248.27 12345 tcp http open Incapsula CDN httpd
5665107.154.248.27 12397 tcp http open Incapsula CDN httpd
5666107.154.248.27 12401 tcp http open Incapsula CDN httpd
5667107.154.248.27 14330 tcp http open Incapsula CDN httpd
5668107.154.248.27 16000 tcp http open Incapsula CDN httpd
5669107.154.248.27 20000 tcp http open Incapsula CDN httpd
5670107.154.248.27 20010 tcp ssl/http open Incapsula CDN httpd
5671107.154.248.27 25000 tcp ssl/http open Incapsula CDN httpd
5672107.154.248.27 30000 tcp http open Incapsula CDN httpd
5673107.154.248.27 44334 tcp ssl/http open Incapsula CDN httpd
5674107.154.248.27 50000 tcp http open Incapsula CDN httpd
5675107.154.248.27 50001 tcp ssl/http open Incapsula CDN httpd
5676107.154.248.27 50050 tcp ssl/http open Incapsula CDN httpd
5677147.237.0.206 53 udp domain unknown
5678147.237.0.206 67 udp dhcps unknown
5679147.237.0.206 68 udp dhcpc unknown
5680147.237.0.206 69 udp tftp unknown
5681147.237.0.206 80 tcp http open
5682147.237.0.206 88 udp kerberos-sec unknown
5683147.237.0.206 123 udp ntp unknown
5684147.237.0.206 139 udp netbios-ssn unknown
5685147.237.0.206 161 udp snmp unknown
5686147.237.0.206 162 udp snmptrap unknown
5687147.237.0.206 389 udp ldap unknown
5688147.237.0.206 443 tcp ssl/https open
5689147.237.0.206 520 udp route unknown
5690147.237.0.206 2049 udp nfs unknown
5691150.95.250.133 25 tcp smtp closed
5692150.95.250.133 53 tcp domain filtered
5693150.95.250.133 53 udp domain unknown
5694150.95.250.133 67 tcp dhcps filtered
5695150.95.250.133 67 udp dhcps unknown
5696150.95.250.133 68 tcp dhcpc filtered
5697150.95.250.133 68 udp dhcpc unknown
5698150.95.250.133 69 tcp tftp filtered
5699150.95.250.133 69 udp tftp unknown
5700150.95.250.133 80 tcp http open nginx
5701150.95.250.133 88 tcp kerberos-sec filtered
5702150.95.250.133 88 udp kerberos-sec unknown
5703150.95.250.133 123 tcp ntp filtered
5704150.95.250.133 123 udp ntp unknown
5705150.95.250.133 137 tcp netbios-ns filtered
5706150.95.250.133 137 udp netbios-ns filtered
5707150.95.250.133 138 tcp netbios-dgm filtered
5708150.95.250.133 138 udp netbios-dgm filtered
5709150.95.250.133 139 tcp netbios-ssn closed
5710150.95.250.133 139 udp netbios-ssn unknown
5711150.95.250.133 161 tcp snmp filtered
5712150.95.250.133 161 udp snmp unknown
5713150.95.250.133 162 tcp snmptrap filtered
5714150.95.250.133 162 udp snmptrap unknown
5715150.95.250.133 389 tcp ldap filtered
5716150.95.250.133 389 udp ldap unknown
5717150.95.250.133 443 tcp ssl/http open nginx
5718150.95.250.133 445 tcp microsoft-ds closed
5719150.95.250.133 520 tcp efs filtered
5720150.95.250.133 520 udp route unknown
5721150.95.250.133 2049 tcp nfs filtered
5722150.95.250.133 2049 udp nfs unknown
5723151.139.243.11 25 tcp smtp closed
5724151.139.243.11 53 tcp domain filtered
5725151.139.243.11 53 udp domain unknown
5726151.139.243.11 67 tcp dhcps filtered
5727151.139.243.11 67 udp dhcps unknown
5728151.139.243.11 68 tcp dhcpc filtered
5729151.139.243.11 68 udp dhcpc unknown
5730151.139.243.11 69 tcp tftp filtered
5731151.139.243.11 69 udp tftp unknown
5732151.139.243.11 80 tcp http open Varnish
5733151.139.243.11 88 tcp kerberos-sec filtered
5734151.139.243.11 88 udp kerberos-sec unknown
5735151.139.243.11 123 tcp ntp filtered
5736151.139.243.11 123 udp ntp unknown
5737151.139.243.11 137 tcp netbios-ns filtered
5738151.139.243.11 137 udp netbios-ns filtered
5739151.139.243.11 138 tcp netbios-dgm filtered
5740151.139.243.11 138 udp netbios-dgm filtered
5741151.139.243.11 139 tcp netbios-ssn closed
5742151.139.243.11 139 udp netbios-ssn unknown
5743151.139.243.11 161 tcp snmp filtered
5744151.139.243.11 161 udp snmp unknown
5745151.139.243.11 162 tcp snmptrap filtered
5746151.139.243.11 162 udp snmptrap unknown
5747151.139.243.11 389 tcp ldap filtered
5748151.139.243.11 389 udp ldap unknown
5749151.139.243.11 443 tcp ssl/http open nginx
5750151.139.243.11 445 tcp microsoft-ds closed
5751151.139.243.11 520 tcp efs filtered
5752151.139.243.11 520 udp route unknown
5753151.139.243.11 2049 tcp nfs filtered
5754151.139.243.11 2049 udp nfs unknown
5755154.73.84.17 21 tcp ftp open 220 (vsFTPd 3.0.3)\x0d\x0a
5756157.7.107.254 25 tcp smtp closed
5757157.7.107.254 53 tcp domain filtered
5758157.7.107.254 53 udp domain unknown
5759157.7.107.254 67 tcp dhcps filtered
5760157.7.107.254 67 udp dhcps unknown
5761157.7.107.254 68 tcp dhcpc filtered
5762157.7.107.254 68 udp dhcpc filtered
5763157.7.107.254 69 tcp tftp filtered
5764157.7.107.254 69 udp tftp unknown
5765157.7.107.254 80 tcp http open Apache httpd
5766157.7.107.254 88 tcp kerberos-sec filtered
5767157.7.107.254 88 udp kerberos-sec unknown
5768157.7.107.254 123 tcp ntp filtered
5769157.7.107.254 123 udp ntp unknown
5770157.7.107.254 137 tcp netbios-ns filtered
5771157.7.107.254 137 udp netbios-ns filtered
5772157.7.107.254 138 tcp netbios-dgm filtered
5773157.7.107.254 138 udp netbios-dgm filtered
5774157.7.107.254 139 tcp netbios-ssn closed
5775157.7.107.254 139 udp netbios-ssn unknown
5776157.7.107.254 161 tcp snmp filtered
5777157.7.107.254 161 udp snmp unknown
5778157.7.107.254 162 tcp snmptrap filtered
5779157.7.107.254 162 udp snmptrap unknown
5780157.7.107.254 389 tcp ldap filtered
5781157.7.107.254 389 udp ldap filtered
5782157.7.107.254 443 tcp ssl/https open Apache
5783157.7.107.254 445 tcp microsoft-ds closed
5784157.7.107.254 520 tcp efs filtered
5785157.7.107.254 520 udp route unknown
5786157.7.107.254 2049 tcp nfs filtered
5787157.7.107.254 2049 udp nfs unknown
5788159.89.0.72 22 tcp ssh open SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8
5789160.153.72.166 21 tcp ftp open Pure-FTPd
5790160.153.72.166 22 tcp ssh open OpenSSH 5.3 protocol 2.0
5791160.153.72.166 53 udp domain unknown
5792160.153.72.166 67 udp dhcps unknown
5793160.153.72.166 68 udp dhcpc unknown
5794160.153.72.166 69 udp tftp unknown
5795160.153.72.166 80 tcp http open Apache httpd
5796160.153.72.166 88 udp kerberos-sec unknown
5797160.153.72.166 110 tcp pop3 open Dovecot pop3d
5798160.153.72.166 123 udp ntp unknown
5799160.153.72.166 139 udp netbios-ssn unknown
5800160.153.72.166 143 tcp imap open Dovecot imapd
5801160.153.72.166 161 udp snmp unknown
5802160.153.72.166 162 udp snmptrap unknown
5803160.153.72.166 389 udp ldap unknown
5804160.153.72.166 443 tcp ssl/http open Apache httpd
5805160.153.72.166 465 tcp ssl/smtp open Exim smtpd 4.92
5806160.153.72.166 520 udp route unknown
5807160.153.72.166 587 tcp smtp open Exim smtpd 4.92
5808160.153.72.166 993 tcp ssl/imaps open
5809160.153.72.166 995 tcp ssl/pop3s open
5810160.153.72.166 2049 udp nfs unknown
5811160.153.72.166 3306 tcp mysql open MySQL 5.6.44-cll-lve
5812163.247.52.17 25 tcp smtp closed
5813163.247.52.17 53 tcp domain filtered
5814163.247.52.17 53 udp domain unknown
5815163.247.52.17 67 tcp dhcps filtered
5816163.247.52.17 67 udp dhcps unknown
5817163.247.52.17 68 tcp dhcpc filtered
5818163.247.52.17 68 udp dhcpc unknown
5819163.247.52.17 69 tcp tftp filtered
5820163.247.52.17 69 udp tftp unknown
5821163.247.52.17 80 tcp http open Apache httpd
5822163.247.52.17 88 tcp kerberos-sec filtered
5823163.247.52.17 88 udp kerberos-sec unknown
5824163.247.52.17 113 tcp ident closed
5825163.247.52.17 123 tcp ntp filtered
5826163.247.52.17 123 udp ntp unknown
5827163.247.52.17 137 tcp netbios-ns filtered
5828163.247.52.17 137 udp netbios-ns filtered
5829163.247.52.17 138 tcp netbios-dgm filtered
5830163.247.52.17 138 udp netbios-dgm filtered
5831163.247.52.17 139 tcp netbios-ssn closed
5832163.247.52.17 139 udp netbios-ssn unknown
5833163.247.52.17 161 tcp snmp filtered
5834163.247.52.17 161 udp snmp unknown
5835163.247.52.17 162 tcp snmptrap filtered
5836163.247.52.17 162 udp snmptrap unknown
5837163.247.52.17 389 tcp ldap filtered
5838163.247.52.17 389 udp ldap unknown
5839163.247.52.17 443 tcp ssl/https open
5840163.247.52.17 445 tcp microsoft-ds closed
5841163.247.52.17 520 tcp efs filtered
5842163.247.52.17 520 udp route unknown
5843163.247.52.17 2049 tcp nfs filtered
5844163.247.52.17 2049 udp nfs unknown
5845163.247.96.10 25 tcp smtp closed
5846163.247.96.10 53 tcp domain filtered
5847163.247.96.10 53 udp domain unknown
5848163.247.96.10 67 tcp dhcps filtered
5849163.247.96.10 67 udp dhcps unknown
5850163.247.96.10 68 tcp dhcpc filtered
5851163.247.96.10 68 udp dhcpc unknown
5852163.247.96.10 69 tcp tftp filtered
5853163.247.96.10 69 udp tftp unknown
5854163.247.96.10 80 tcp http open Apache httpd 2.2.22
5855163.247.96.10 88 tcp kerberos-sec filtered
5856163.247.96.10 88 udp kerberos-sec unknown
5857163.247.96.10 113 tcp ident closed
5858163.247.96.10 123 tcp ntp filtered
5859163.247.96.10 123 udp ntp unknown
5860163.247.96.10 137 tcp netbios-ns filtered
5861163.247.96.10 137 udp netbios-ns filtered
5862163.247.96.10 138 tcp netbios-dgm filtered
5863163.247.96.10 138 udp netbios-dgm filtered
5864163.247.96.10 139 tcp netbios-ssn closed
5865163.247.96.10 139 udp netbios-ssn unknown
5866163.247.96.10 161 tcp snmp filtered
5867163.247.96.10 161 udp snmp unknown
5868163.247.96.10 162 tcp snmptrap filtered
5869163.247.96.10 162 udp snmptrap unknown
5870163.247.96.10 389 tcp ldap filtered
5871163.247.96.10 389 udp ldap unknown
5872163.247.96.10 445 tcp microsoft-ds closed
5873163.247.96.10 465 tcp ssl/smtp open Exim smtpd 4.X
5874163.247.96.10 520 tcp efs filtered
5875163.247.96.10 520 udp route unknown
5876163.247.96.10 587 tcp smtp open Exim smtpd
5877163.247.96.10 2000 tcp cisco-sccp open
5878163.247.96.10 2049 tcp nfs filtered
5879163.247.96.10 2049 udp nfs unknown
5880163.247.96.10 4443 tcp http open Apache httpd
5881163.247.96.10 5060 tcp sip open
5882170.246.172.178 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 2 of 50 allowed.\x0d\x0a220-Local time is now 23:38. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
5883170.246.172.178 25 tcp smtp closed
5884170.246.172.178 53 tcp domain open PowerDNS Authoritative Server 4.1.10
5885170.246.172.178 53 udp domain open PowerDNS Authoritative Server 4.1.10
5886170.246.172.178 67 tcp dhcps filtered
5887170.246.172.178 67 udp dhcps unknown
5888170.246.172.178 68 tcp dhcpc filtered
5889170.246.172.178 68 udp dhcpc unknown
5890170.246.172.178 69 tcp tftp filtered
5891170.246.172.178 69 udp tftp unknown
5892170.246.172.178 88 tcp kerberos-sec filtered
5893170.246.172.178 88 udp kerberos-sec unknown
5894170.246.172.178 123 tcp ntp filtered
5895170.246.172.178 123 udp ntp unknown
5896170.246.172.178 137 tcp netbios-ns filtered
5897170.246.172.178 137 udp netbios-ns filtered
5898170.246.172.178 138 tcp netbios-dgm filtered
5899170.246.172.178 138 udp netbios-dgm filtered
5900170.246.172.178 139 tcp netbios-ssn closed
5901170.246.172.178 139 udp netbios-ssn unknown
5902170.246.172.178 161 tcp snmp filtered
5903170.246.172.178 161 udp snmp unknown
5904170.246.172.178 162 tcp snmptrap filtered
5905170.246.172.178 162 udp snmptrap unknown
5906170.246.172.178 389 tcp ldap filtered
5907170.246.172.178 389 udp ldap unknown
5908170.246.172.178 445 tcp microsoft-ds closed
5909170.246.172.178 520 tcp efs filtered
5910170.246.172.178 520 udp route unknown
5911170.246.172.178 2049 tcp nfs filtered
5912170.246.172.178 2049 udp nfs unknown
5913180.222.81.193 21 tcp ftp open ProFTPD or KnFTPD
5914180.222.81.193 25 tcp smtp closed
5915180.222.81.193 53 tcp domain filtered
5916180.222.81.193 53 udp domain unknown
5917180.222.81.193 67 tcp dhcps filtered
5918180.222.81.193 67 udp dhcps unknown
5919180.222.81.193 68 tcp dhcpc filtered
5920180.222.81.193 68 udp dhcpc unknown
5921180.222.81.193 69 tcp tftp filtered
5922180.222.81.193 69 udp tftp unknown
5923180.222.81.193 80 tcp http open Apache httpd PHP 5.2.8
5924180.222.81.193 88 tcp kerberos-sec filtered
5925180.222.81.193 88 udp kerberos-sec unknown
5926180.222.81.193 110 tcp pop3 open qmail pop3d
5927180.222.81.193 113 tcp ident closed
5928180.222.81.193 123 tcp ntp filtered
5929180.222.81.193 123 udp ntp unknown
5930180.222.81.193 137 tcp netbios-ns filtered
5931180.222.81.193 137 udp netbios-ns filtered
5932180.222.81.193 138 tcp netbios-dgm filtered
5933180.222.81.193 138 udp netbios-dgm filtered
5934180.222.81.193 139 tcp netbios-ssn closed
5935180.222.81.193 139 udp netbios-ssn unknown
5936180.222.81.193 143 tcp imap open Courier Imapd released 2005
5937180.222.81.193 161 tcp snmp filtered
5938180.222.81.193 161 udp snmp unknown
5939180.222.81.193 162 tcp snmptrap filtered
5940180.222.81.193 162 udp snmptrap unknown
5941180.222.81.193 389 tcp ldap filtered
5942180.222.81.193 389 udp ldap unknown
5943180.222.81.193 443 tcp ssl/http open Apache httpd PHP 5.2.8
5944180.222.81.193 445 tcp microsoft-ds closed
5945180.222.81.193 465 tcp ssl/smtps open
5946180.222.81.193 520 tcp efs filtered
5947180.222.81.193 520 udp route unknown
5948180.222.81.193 587 tcp smtp open Access Remote PC smtpd
5949180.222.81.193 993 tcp ssl/imaps open
5950180.222.81.193 995 tcp ssl/pop3s open
5951180.222.81.193 2049 tcp nfs filtered
5952180.222.81.193 2049 udp nfs unknown
5953180.222.81.193 8080 tcp ssl/http open Apache httpd
5954184.72.111.210 25 tcp smtp closed
5955184.72.111.210 53 tcp domain filtered
5956184.72.111.210 53 udp domain unknown
5957184.72.111.210 67 tcp dhcps filtered
5958184.72.111.210 67 udp dhcps unknown
5959184.72.111.210 68 tcp dhcpc filtered
5960184.72.111.210 68 udp dhcpc unknown
5961184.72.111.210 69 tcp tftp filtered
5962184.72.111.210 69 udp tftp unknown
5963184.72.111.210 80 tcp http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
5964184.72.111.210 88 tcp kerberos-sec filtered
5965184.72.111.210 88 udp kerberos-sec unknown
5966184.72.111.210 123 tcp ntp filtered
5967184.72.111.210 123 udp ntp unknown
5968184.72.111.210 137 tcp netbios-ns filtered
5969184.72.111.210 137 udp netbios-ns filtered
5970184.72.111.210 138 tcp netbios-dgm filtered
5971184.72.111.210 138 udp netbios-dgm filtered
5972184.72.111.210 139 tcp netbios-ssn closed
5973184.72.111.210 139 udp netbios-ssn unknown
5974184.72.111.210 161 tcp snmp filtered
5975184.72.111.210 161 udp snmp unknown
5976184.72.111.210 162 tcp snmptrap filtered
5977184.72.111.210 162 udp snmptrap unknown
5978184.72.111.210 389 tcp ldap filtered
5979184.72.111.210 389 udp ldap unknown
5980184.72.111.210 443 tcp ssl/http open Microsoft HTTPAPI httpd 2.0 SSDP/UPnP
5981184.72.111.210 445 tcp microsoft-ds closed
5982184.72.111.210 520 tcp efs filtered
5983184.72.111.210 520 udp route unknown
5984184.72.111.210 2049 tcp nfs filtered
5985184.72.111.210 2049 udp nfs unknown
5986185.2.4.98 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 300 allowed.\x0d\x0a220-Local time is now 17:27. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 60 seconds of inactivity.\x0d\x0a
5987185.2.4.98 25 tcp smtp closed
5988185.2.4.98 53 tcp domain filtered
5989185.2.4.98 53 udp domain unknown
5990185.2.4.98 67 tcp dhcps filtered
5991185.2.4.98 67 udp dhcps unknown
5992185.2.4.98 68 tcp dhcpc filtered
5993185.2.4.98 68 udp dhcpc unknown
5994185.2.4.98 69 tcp tftp filtered
5995185.2.4.98 69 udp tftp unknown
5996185.2.4.98 88 tcp kerberos-sec filtered
5997185.2.4.98 88 udp kerberos-sec unknown
5998185.2.4.98 123 tcp ntp filtered
5999185.2.4.98 123 udp ntp unknown
6000185.2.4.98 137 tcp netbios-ns filtered
6001185.2.4.98 137 udp netbios-ns filtered
6002185.2.4.98 138 tcp netbios-dgm filtered
6003185.2.4.98 138 udp netbios-dgm filtered
6004185.2.4.98 139 tcp netbios-ssn closed
6005185.2.4.98 139 udp netbios-ssn unknown
6006185.2.4.98 161 tcp snmp filtered
6007185.2.4.98 161 udp snmp unknown
6008185.2.4.98 162 tcp snmptrap filtered
6009185.2.4.98 162 udp snmptrap unknown
6010185.2.4.98 389 tcp ldap filtered
6011185.2.4.98 389 udp ldap unknown
6012185.2.4.98 445 tcp microsoft-ds closed
6013185.2.4.98 520 tcp efs filtered
6014185.2.4.98 520 udp route unknown
6015185.2.4.98 2049 tcp nfs filtered
6016185.2.4.98 2049 udp nfs unknown
6017185.68.93.22 22 tcp ssh open SSH-2.0-OpenSSH_5.3
6018185.68.93.22 53 tcp domain closed
6019185.68.93.22 53 udp domain unknown
6020185.68.93.22 67 tcp dhcps closed
6021185.68.93.22 67 udp dhcps closed
6022185.68.93.22 68 tcp dhcpc closed
6023185.68.93.22 68 udp dhcpc closed
6024185.68.93.22 69 tcp tftp closed
6025185.68.93.22 69 udp tftp unknown
6026185.68.93.22 88 tcp kerberos-sec closed
6027185.68.93.22 88 udp kerberos-sec unknown
6028185.68.93.22 123 tcp ntp closed
6029185.68.93.22 123 udp ntp closed
6030185.68.93.22 137 tcp netbios-ns closed
6031185.68.93.22 137 udp netbios-ns filtered
6032185.68.93.22 138 tcp netbios-dgm closed
6033185.68.93.22 138 udp netbios-dgm filtered
6034185.68.93.22 139 tcp netbios-ssn closed
6035185.68.93.22 139 udp netbios-ssn closed
6036185.68.93.22 161 tcp snmp closed
6037185.68.93.22 161 udp snmp unknown
6038185.68.93.22 162 tcp snmptrap closed
6039185.68.93.22 162 udp snmptrap closed
6040185.68.93.22 389 tcp ldap closed
6041185.68.93.22 389 udp ldap unknown
6042185.68.93.22 520 tcp efs closed
6043185.68.93.22 520 udp route unknown
6044185.68.93.22 2049 tcp nfs closed
6045185.68.93.22 2049 udp nfs closed
6046185.119.173.237 25 tcp smtp closed
6047185.119.173.237 53 tcp domain filtered
6048185.119.173.237 53 udp domain unknown
6049185.119.173.237 67 tcp dhcps filtered
6050185.119.173.237 67 udp dhcps unknown
6051185.119.173.237 68 tcp dhcpc filtered
6052185.119.173.237 68 udp dhcpc unknown
6053185.119.173.237 69 tcp tftp filtered
6054185.119.173.237 69 udp tftp unknown
6055185.119.173.237 80 tcp http open Apache httpd
6056185.119.173.237 88 tcp kerberos-sec filtered
6057185.119.173.237 88 udp kerberos-sec unknown
6058185.119.173.237 123 tcp ntp filtered
6059185.119.173.237 123 udp ntp unknown
6060185.119.173.237 137 tcp netbios-ns filtered
6061185.119.173.237 137 udp netbios-ns filtered
6062185.119.173.237 138 tcp netbios-dgm filtered
6063185.119.173.237 138 udp netbios-dgm filtered
6064185.119.173.237 139 tcp netbios-ssn closed
6065185.119.173.237 139 udp netbios-ssn unknown
6066185.119.173.237 161 tcp snmp filtered
6067185.119.173.237 161 udp snmp unknown
6068185.119.173.237 162 tcp snmptrap filtered
6069185.119.173.237 162 udp snmptrap unknown
6070185.119.173.237 389 tcp ldap filtered
6071185.119.173.237 389 udp ldap unknown
6072185.119.173.237 443 tcp ssl/http open Apache httpd
6073185.119.173.237 445 tcp microsoft-ds closed
6074185.119.173.237 520 tcp efs filtered
6075185.119.173.237 520 udp route unknown
6076185.119.173.237 2049 tcp nfs filtered
6077185.119.173.237 2049 udp nfs unknown
6078186.67.91.110 25 tcp smtp closed
6079186.67.91.110 53 tcp domain filtered
6080186.67.91.110 53 udp domain unknown
6081186.67.91.110 67 tcp dhcps filtered
6082186.67.91.110 67 udp dhcps unknown
6083186.67.91.110 68 tcp dhcpc filtered
6084186.67.91.110 68 udp dhcpc unknown
6085186.67.91.110 69 tcp tftp filtered
6086186.67.91.110 69 udp tftp unknown
6087186.67.91.110 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
6088186.67.91.110 88 tcp kerberos-sec filtered
6089186.67.91.110 88 udp kerberos-sec unknown
6090186.67.91.110 123 tcp ntp filtered
6091186.67.91.110 123 udp ntp unknown
6092186.67.91.110 137 tcp netbios-ns filtered
6093186.67.91.110 137 udp netbios-ns filtered
6094186.67.91.110 138 tcp netbios-dgm filtered
6095186.67.91.110 138 udp netbios-dgm filtered
6096186.67.91.110 139 tcp netbios-ssn closed
6097186.67.91.110 139 udp netbios-ssn unknown
6098186.67.91.110 161 tcp snmp filtered
6099186.67.91.110 161 udp snmp unknown
6100186.67.91.110 162 tcp snmptrap filtered
6101186.67.91.110 162 udp snmptrap unknown
6102186.67.91.110 389 tcp ldap filtered
6103186.67.91.110 389 udp ldap unknown
6104186.67.91.110 443 tcp ssl/https open
6105186.67.91.110 445 tcp microsoft-ds closed
6106186.67.91.110 520 tcp efs filtered
6107186.67.91.110 520 udp route unknown
6108186.67.91.110 2049 tcp nfs filtered
6109186.67.91.110 2049 udp nfs unknown
6110192.0.78.12 25 tcp smtp closed
6111192.0.78.12 53 tcp domain filtered
6112192.0.78.12 53 udp domain unknown
6113192.0.78.12 67 tcp dhcps filtered
6114192.0.78.12 67 udp dhcps unknown
6115192.0.78.12 68 tcp dhcpc filtered
6116192.0.78.12 68 udp dhcpc unknown
6117192.0.78.12 69 tcp tftp filtered
6118192.0.78.12 69 udp tftp unknown
6119192.0.78.12 80 tcp http open nginx
6120192.0.78.12 88 tcp kerberos-sec filtered
6121192.0.78.12 88 udp kerberos-sec unknown
6122192.0.78.12 123 tcp ntp filtered
6123192.0.78.12 123 udp ntp unknown
6124192.0.78.12 137 tcp netbios-ns filtered
6125192.0.78.12 137 udp netbios-ns filtered
6126192.0.78.12 138 tcp netbios-dgm filtered
6127192.0.78.12 138 udp netbios-dgm filtered
6128192.0.78.12 139 tcp netbios-ssn closed
6129192.0.78.12 139 udp netbios-ssn unknown
6130192.0.78.12 161 tcp snmp filtered
6131192.0.78.12 161 udp snmp unknown
6132192.0.78.12 162 tcp snmptrap filtered
6133192.0.78.12 162 udp snmptrap unknown
6134192.0.78.12 389 tcp ldap filtered
6135192.0.78.12 389 udp ldap unknown
6136192.0.78.12 443 tcp ssl/http open nginx
6137192.0.78.12 445 tcp microsoft-ds closed
6138192.0.78.12 520 tcp efs filtered
6139192.0.78.12 520 udp route unknown
6140192.0.78.12 2049 tcp nfs filtered
6141192.0.78.12 2049 udp nfs unknown
6142192.0.78.13 25 tcp smtp closed
6143192.0.78.13 53 tcp domain filtered
6144192.0.78.13 53 udp domain unknown
6145192.0.78.13 67 tcp dhcps filtered
6146192.0.78.13 67 udp dhcps unknown
6147192.0.78.13 68 tcp dhcpc filtered
6148192.0.78.13 68 udp dhcpc unknown
6149192.0.78.13 69 tcp tftp filtered
6150192.0.78.13 69 udp tftp unknown
6151192.0.78.13 80 tcp http open nginx
6152192.0.78.13 88 tcp kerberos-sec filtered
6153192.0.78.13 88 udp kerberos-sec unknown
6154192.0.78.13 123 tcp ntp filtered
6155192.0.78.13 123 udp ntp unknown
6156192.0.78.13 137 tcp netbios-ns filtered
6157192.0.78.13 137 udp netbios-ns filtered
6158192.0.78.13 138 tcp netbios-dgm filtered
6159192.0.78.13 138 udp netbios-dgm filtered
6160192.0.78.13 139 tcp netbios-ssn closed
6161192.0.78.13 139 udp netbios-ssn unknown
6162192.0.78.13 161 tcp snmp filtered
6163192.0.78.13 161 udp snmp unknown
6164192.0.78.13 162 tcp snmptrap filtered
6165192.0.78.13 162 udp snmptrap unknown
6166192.0.78.13 389 tcp ldap filtered
6167192.0.78.13 389 udp ldap unknown
6168192.0.78.13 443 tcp ssl/http open nginx
6169192.0.78.13 445 tcp microsoft-ds closed
6170192.0.78.13 520 tcp efs filtered
6171192.0.78.13 520 udp route unknown
6172192.0.78.13 2049 tcp nfs filtered
6173192.0.78.13 2049 udp nfs unknown
6174194.18.73.2 25 tcp smtp closed
6175194.18.73.2 53 tcp domain filtered
6176194.18.73.2 53 udp domain unknown
6177194.18.73.2 67 tcp dhcps filtered
6178194.18.73.2 67 udp dhcps unknown
6179194.18.73.2 68 tcp dhcpc filtered
6180194.18.73.2 68 udp dhcpc unknown
6181194.18.73.2 69 tcp tftp filtered
6182194.18.73.2 69 udp tftp unknown
6183194.18.73.2 80 tcp http-proxy open HAProxy http proxy 1.3.1 or later
6184194.18.73.2 88 tcp kerberos-sec filtered
6185194.18.73.2 88 udp kerberos-sec unknown
6186194.18.73.2 113 tcp ident closed
6187194.18.73.2 123 tcp ntp filtered
6188194.18.73.2 123 udp ntp unknown
6189194.18.73.2 137 tcp netbios-ns filtered
6190194.18.73.2 137 udp netbios-ns filtered
6191194.18.73.2 138 tcp netbios-dgm filtered
6192194.18.73.2 138 udp netbios-dgm filtered
6193194.18.73.2 139 tcp netbios-ssn closed
6194194.18.73.2 139 udp netbios-ssn unknown
6195194.18.73.2 161 tcp snmp filtered
6196194.18.73.2 161 udp snmp unknown
6197194.18.73.2 162 tcp snmptrap filtered
6198194.18.73.2 162 udp snmptrap unknown
6199194.18.73.2 389 tcp ldap filtered
6200194.18.73.2 389 udp ldap unknown
6201194.18.73.2 443 tcp ssl/http-proxy open HAProxy http proxy 1.3.1 or later
6202194.18.73.2 445 tcp microsoft-ds closed
6203194.18.73.2 520 tcp efs filtered
6204194.18.73.2 520 udp route closed
6205194.18.73.2 2049 tcp nfs filtered
6206194.18.73.2 2049 udp nfs unknown
6207194.39.164.140 21 tcp ftp open ProFTPD
6208194.39.164.140 53 tcp domain filtered
6209194.39.164.140 53 udp domain unknown
6210194.39.164.140 67 tcp dhcps filtered
6211194.39.164.140 67 udp dhcps unknown
6212194.39.164.140 68 tcp dhcpc filtered
6213194.39.164.140 68 udp dhcpc unknown
6214194.39.164.140 69 tcp tftp filtered
6215194.39.164.140 69 udp tftp unknown
6216194.39.164.140 80 tcp http open nginx
6217194.39.164.140 88 tcp kerberos-sec filtered
6218194.39.164.140 88 udp kerberos-sec unknown
6219194.39.164.140 110 tcp pop3 open Courier pop3d
6220194.39.164.140 123 tcp ntp filtered
6221194.39.164.140 123 udp ntp unknown
6222194.39.164.140 137 tcp netbios-ns filtered
6223194.39.164.140 137 udp netbios-ns filtered
6224194.39.164.140 138 tcp netbios-dgm filtered
6225194.39.164.140 138 udp netbios-dgm filtered
6226194.39.164.140 139 tcp netbios-ssn closed
6227194.39.164.140 139 udp netbios-ssn unknown
6228194.39.164.140 161 tcp snmp filtered
6229194.39.164.140 161 udp snmp unknown
6230194.39.164.140 162 tcp snmptrap filtered
6231194.39.164.140 162 udp snmptrap unknown
6232194.39.164.140 389 tcp ldap filtered
6233194.39.164.140 389 udp ldap unknown
6234194.39.164.140 443 tcp ssl/http open nginx
6235194.39.164.140 465 tcp ssl/smtps open
6236194.39.164.140 520 tcp efs filtered
6237194.39.164.140 520 udp route unknown
6238194.39.164.140 587 tcp smtp open Postfix smtpd
6239194.39.164.140 993 tcp ssl/imaps open
6240194.39.164.140 2020 tcp ssh open OpenSSH 7.4 protocol 2.0
6241194.39.164.140 2049 tcp nfs filtered
6242194.39.164.140 2049 udp nfs unknown
6243194.39.164.140 8443 tcp ssl/https-alt open sw-cp-server
6244194.39.164.140 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
6245200.14.67.43 25 tcp smtp closed
6246200.14.67.43 53 tcp domain filtered
6247200.14.67.43 53 udp domain unknown
6248200.14.67.43 67 tcp dhcps filtered
6249200.14.67.43 67 udp dhcps unknown
6250200.14.67.43 68 tcp dhcpc filtered
6251200.14.67.43 68 udp dhcpc unknown
6252200.14.67.43 69 tcp tftp filtered
6253200.14.67.43 69 udp tftp unknown
6254200.14.67.43 80 tcp http open nginx 1.16.1 Ubuntu
6255200.14.67.43 88 tcp kerberos-sec filtered
6256200.14.67.43 88 udp kerberos-sec unknown
6257200.14.67.43 123 tcp ntp filtered
6258200.14.67.43 123 udp ntp unknown
6259200.14.67.43 137 tcp netbios-ns filtered
6260200.14.67.43 137 udp netbios-ns filtered
6261200.14.67.43 138 tcp netbios-dgm filtered
6262200.14.67.43 138 udp netbios-dgm filtered
6263200.14.67.43 139 tcp netbios-ssn closed
6264200.14.67.43 139 udp netbios-ssn unknown
6265200.14.67.43 161 tcp snmp filtered
6266200.14.67.43 161 udp snmp unknown
6267200.14.67.43 162 tcp snmptrap filtered
6268200.14.67.43 162 udp snmptrap unknown
6269200.14.67.43 389 tcp ldap filtered
6270200.14.67.43 389 udp ldap unknown
6271200.14.67.43 443 tcp ssl/http open nginx 1.16.1 Ubuntu
6272200.14.67.43 445 tcp microsoft-ds closed
6273200.14.67.43 520 tcp efs filtered
6274200.14.67.43 520 udp route unknown
6275200.14.67.43 2049 tcp nfs filtered
6276200.14.67.43 2049 udp nfs unknown
6277200.14.67.65 25 tcp smtp closed
6278200.14.67.65 53 tcp domain filtered
6279200.14.67.65 53 udp domain unknown
6280200.14.67.65 67 tcp dhcps filtered
6281200.14.67.65 67 udp dhcps unknown
6282200.14.67.65 68 tcp dhcpc filtered
6283200.14.67.65 68 udp dhcpc unknown
6284200.14.67.65 69 tcp tftp filtered
6285200.14.67.65 69 udp tftp unknown
6286200.14.67.65 80 tcp http open nginx 1.16.1 Ubuntu
6287200.14.67.65 88 tcp kerberos-sec filtered
6288200.14.67.65 88 udp kerberos-sec unknown
6289200.14.67.65 123 tcp ntp filtered
6290200.14.67.65 123 udp ntp unknown
6291200.14.67.65 137 tcp netbios-ns filtered
6292200.14.67.65 137 udp netbios-ns filtered
6293200.14.67.65 138 tcp netbios-dgm filtered
6294200.14.67.65 138 udp netbios-dgm filtered
6295200.14.67.65 139 tcp netbios-ssn closed
6296200.14.67.65 139 udp netbios-ssn unknown
6297200.14.67.65 161 tcp snmp filtered
6298200.14.67.65 161 udp snmp unknown
6299200.14.67.65 162 tcp snmptrap filtered
6300200.14.67.65 162 udp snmptrap unknown
6301200.14.67.65 389 tcp ldap filtered
6302200.14.67.65 389 udp ldap unknown
6303200.14.67.65 443 tcp ssl/http open nginx 1.16.1 Ubuntu
6304200.14.67.65 445 tcp microsoft-ds closed
6305200.14.67.65 520 tcp efs filtered
6306200.14.67.65 520 udp route unknown
6307200.14.67.65 2049 tcp nfs filtered
6308200.14.67.65 2049 udp nfs unknown
6309200.35.157.77 53 tcp domain filtered
6310200.35.157.77 53 udp domain unknown
6311200.35.157.77 67 tcp dhcps filtered
6312200.35.157.77 67 udp dhcps unknown
6313200.35.157.77 68 tcp dhcpc filtered
6314200.35.157.77 68 udp dhcpc unknown
6315200.35.157.77 69 tcp tftp filtered
6316200.35.157.77 69 udp tftp unknown
6317200.35.157.77 88 tcp kerberos-sec filtered
6318200.35.157.77 88 udp kerberos-sec unknown
6319200.35.157.77 123 tcp ntp filtered
6320200.35.157.77 123 udp ntp unknown
6321200.35.157.77 137 tcp netbios-ns filtered
6322200.35.157.77 137 udp netbios-ns filtered
6323200.35.157.77 138 tcp netbios-dgm filtered
6324200.35.157.77 138 udp netbios-dgm filtered
6325200.35.157.77 139 tcp netbios-ssn closed
6326200.35.157.77 139 udp netbios-ssn unknown
6327200.35.157.77 161 tcp snmp filtered
6328200.35.157.77 161 udp snmp unknown
6329200.35.157.77 162 tcp snmptrap filtered
6330200.35.157.77 162 udp snmptrap unknown
6331200.35.157.77 389 tcp ldap filtered
6332200.35.157.77 389 udp ldap unknown
6333200.35.157.77 520 tcp efs filtered
6334200.35.157.77 520 udp route unknown
6335200.35.157.77 2049 tcp nfs filtered
6336200.35.157.77 2049 udp nfs unknown
6337201.131.38.40 25 tcp smtp closed
6338201.131.38.40 53 tcp domain filtered
6339201.131.38.40 53 udp domain unknown
6340201.131.38.40 67 tcp dhcps filtered
6341201.131.38.40 67 udp dhcps unknown
6342201.131.38.40 68 tcp dhcpc filtered
6343201.131.38.40 68 udp dhcpc unknown
6344201.131.38.40 69 tcp tftp filtered
6345201.131.38.40 69 udp tftp unknown
6346201.131.38.40 80 tcp http open Apache httpd
6347201.131.38.40 88 tcp kerberos-sec filtered
6348201.131.38.40 88 udp kerberos-sec unknown
6349201.131.38.40 123 tcp ntp filtered
6350201.131.38.40 123 udp ntp unknown
6351201.131.38.40 137 tcp netbios-ns filtered
6352201.131.38.40 137 udp netbios-ns filtered
6353201.131.38.40 138 tcp netbios-dgm filtered
6354201.131.38.40 138 udp netbios-dgm filtered
6355201.131.38.40 139 tcp netbios-ssn closed
6356201.131.38.40 139 udp netbios-ssn unknown
6357201.131.38.40 161 tcp snmp filtered
6358201.131.38.40 161 udp snmp unknown
6359201.131.38.40 162 tcp snmptrap filtered
6360201.131.38.40 162 udp snmptrap unknown
6361201.131.38.40 389 tcp ldap filtered
6362201.131.38.40 389 udp ldap unknown
6363201.131.38.40 443 tcp ssl/http open Apache httpd
6364201.131.38.40 445 tcp microsoft-ds closed
6365201.131.38.40 520 tcp efs filtered
6366201.131.38.40 520 udp route unknown
6367201.131.38.40 2049 tcp nfs filtered
6368201.131.38.40 2049 udp nfs unknown
6369201.238.246.43 21 tcp ftp open 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------\x0d\x0a220-You are user number 1 of 50 allowed.\x0d\x0a220-Local time is now 05:39. Server port: 21.\x0d\x0a220-This is a private system - No anonymous login\x0d\x0a220-IPv6 connections are also welcome on this server.\x0d\x0a220 You will be disconnected after 15 minutes of inactivity.\x0d\x0a
6370201.238.246.43 25 tcp smtp closed
6371201.238.246.43 53 tcp domain filtered
6372201.238.246.43 53 udp domain unknown
6373201.238.246.43 67 tcp dhcps filtered
6374201.238.246.43 67 udp dhcps unknown
6375201.238.246.43 68 tcp dhcpc filtered
6376201.238.246.43 68 udp dhcpc unknown
6377201.238.246.43 69 tcp tftp filtered
6378201.238.246.43 69 udp tftp unknown
6379201.238.246.43 88 tcp kerberos-sec filtered
6380201.238.246.43 88 udp kerberos-sec unknown
6381201.238.246.43 113 tcp ident closed
6382201.238.246.43 123 tcp ntp filtered
6383201.238.246.43 123 udp ntp unknown
6384201.238.246.43 137 tcp netbios-ns filtered
6385201.238.246.43 137 udp netbios-ns filtered
6386201.238.246.43 138 tcp netbios-dgm filtered
6387201.238.246.43 138 udp netbios-dgm filtered
6388201.238.246.43 139 tcp netbios-ssn closed
6389201.238.246.43 139 udp netbios-ssn unknown
6390201.238.246.43 161 tcp snmp filtered
6391201.238.246.43 161 udp snmp unknown
6392201.238.246.43 162 tcp snmptrap filtered
6393201.238.246.43 162 udp snmptrap unknown
6394201.238.246.43 389 tcp ldap filtered
6395201.238.246.43 389 udp ldap unknown
6396201.238.246.43 445 tcp microsoft-ds closed
6397201.238.246.43 520 tcp efs filtered
6398201.238.246.43 520 udp route unknown
6399201.238.246.43 2049 tcp nfs filtered
6400201.238.246.43 2049 udp nfs unknown
6401202.214.194.138 25 tcp smtp closed
6402202.214.194.138 53 tcp domain filtered
6403202.214.194.138 53 udp domain unknown
6404202.214.194.138 67 tcp dhcps filtered
6405202.214.194.138 67 udp dhcps unknown
6406202.214.194.138 68 tcp dhcpc filtered
6407202.214.194.138 68 udp dhcpc unknown
6408202.214.194.138 69 tcp tftp filtered
6409202.214.194.138 69 udp tftp unknown
6410202.214.194.138 80 tcp http open
6411202.214.194.138 88 tcp kerberos-sec filtered
6412202.214.194.138 88 udp kerberos-sec unknown
6413202.214.194.138 123 tcp ntp filtered
6414202.214.194.138 123 udp ntp unknown
6415202.214.194.138 137 tcp netbios-ns filtered
6416202.214.194.138 137 udp netbios-ns filtered
6417202.214.194.138 138 tcp netbios-dgm filtered
6418202.214.194.138 138 udp netbios-dgm filtered
6419202.214.194.138 139 tcp netbios-ssn closed
6420202.214.194.138 139 udp netbios-ssn unknown
6421202.214.194.138 161 tcp snmp filtered
6422202.214.194.138 161 udp snmp unknown
6423202.214.194.138 162 tcp snmptrap filtered
6424202.214.194.138 162 udp snmptrap unknown
6425202.214.194.138 389 tcp ldap filtered
6426202.214.194.138 389 udp ldap unknown
6427202.214.194.138 443 tcp ssl/https open
6428202.214.194.138 445 tcp microsoft-ds closed
6429202.214.194.138 520 tcp efs filtered
6430202.214.194.138 520 udp route unknown
6431202.214.194.138 2049 tcp nfs filtered
6432202.214.194.138 2049 udp nfs unknown
6433202.238.130.103 25 tcp smtp closed
6434202.238.130.103 53 tcp domain filtered
6435202.238.130.103 53 udp domain unknown
6436202.238.130.103 67 tcp dhcps filtered
6437202.238.130.103 67 udp dhcps unknown
6438202.238.130.103 68 tcp dhcpc filtered
6439202.238.130.103 68 udp dhcpc unknown
6440202.238.130.103 69 tcp tftp filtered
6441202.238.130.103 69 udp tftp unknown
6442202.238.130.103 80 tcp http-proxy open F5 BIG-IP load balancer http proxy
6443202.238.130.103 88 tcp kerberos-sec filtered
6444202.238.130.103 88 udp kerberos-sec unknown
6445202.238.130.103 113 tcp ident closed
6446202.238.130.103 123 tcp ntp filtered
6447202.238.130.103 123 udp ntp unknown
6448202.238.130.103 137 tcp netbios-ns filtered
6449202.238.130.103 137 udp netbios-ns filtered
6450202.238.130.103 138 tcp netbios-dgm filtered
6451202.238.130.103 138 udp netbios-dgm filtered
6452202.238.130.103 139 tcp netbios-ssn closed
6453202.238.130.103 139 udp netbios-ssn unknown
6454202.238.130.103 161 tcp snmp filtered
6455202.238.130.103 161 udp snmp unknown
6456202.238.130.103 162 tcp snmptrap filtered
6457202.238.130.103 162 udp snmptrap unknown
6458202.238.130.103 389 tcp ldap filtered
6459202.238.130.103 389 udp ldap unknown
6460202.238.130.103 443 tcp ssl/http open Apache httpd
6461202.238.130.103 445 tcp microsoft-ds closed
6462202.238.130.103 520 tcp efs filtered
6463202.238.130.103 520 udp route unknown
6464202.238.130.103 2049 tcp nfs filtered
6465202.238.130.103 2049 udp nfs unknown
6466202.238.130.103 8008 tcp http open
6467203.137.110.66 21 tcp ftp open 220 203.137.110.66 FTP server ready\x0d\x0a
6468203.183.218.244 21 tcp ftp open 220 203.183.218.130 FTP server ready\x0d\x0a
6469209.59.165.178 25 tcp smtp closed
6470209.59.165.178 53 tcp domain filtered PowerDNS Authoritative Server 4.1.10
6471209.59.165.178 53 udp domain unknown PowerDNS Authoritative Server 4.1.10
6472209.59.165.178 67 tcp dhcps filtered
6473209.59.165.178 67 udp dhcps unknown
6474209.59.165.178 68 tcp dhcpc filtered
6475209.59.165.178 68 udp dhcpc unknown
6476209.59.165.178 69 tcp tftp filtered
6477209.59.165.178 69 udp tftp unknown
6478209.59.165.178 88 tcp kerberos-sec filtered
6479209.59.165.178 88 udp kerberos-sec unknown
6480209.59.165.178 123 tcp ntp filtered
6481209.59.165.178 123 udp ntp unknown
6482209.59.165.178 137 tcp netbios-ns filtered
6483209.59.165.178 137 udp netbios-ns filtered
6484209.59.165.178 138 tcp netbios-dgm filtered
6485209.59.165.178 138 udp netbios-dgm filtered
6486209.59.165.178 139 tcp netbios-ssn closed
6487209.59.165.178 139 udp netbios-ssn unknown
6488209.59.165.178 161 tcp snmp filtered
6489209.59.165.178 161 udp snmp unknown
6490209.59.165.178 162 tcp snmptrap filtered
6491209.59.165.178 162 udp snmptrap unknown
6492209.59.165.178 389 tcp ldap filtered
6493209.59.165.178 389 udp ldap unknown
6494209.59.165.178 445 tcp microsoft-ds closed
6495209.59.165.178 520 tcp efs filtered
6496209.59.165.178 520 udp route unknown
6497209.59.165.178 2049 tcp nfs filtered
6498209.59.165.178 2049 udp nfs unknown
6499210.149.141.34 53 tcp domain filtered
6500210.149.141.34 53 udp domain unknown
6501210.149.141.34 67 tcp dhcps filtered
6502210.149.141.34 67 udp dhcps unknown
6503210.149.141.34 68 tcp dhcpc filtered
6504210.149.141.34 68 udp dhcpc unknown
6505210.149.141.34 69 tcp tftp filtered
6506210.149.141.34 69 udp tftp unknown
6507210.149.141.34 88 tcp kerberos-sec filtered
6508210.149.141.34 88 udp kerberos-sec unknown
6509210.149.141.34 123 tcp ntp filtered
6510210.149.141.34 123 udp ntp unknown
6511210.149.141.34 137 tcp netbios-ns filtered
6512210.149.141.34 137 udp netbios-ns filtered
6513210.149.141.34 138 tcp netbios-dgm filtered
6514210.149.141.34 138 udp netbios-dgm filtered
6515210.149.141.34 139 tcp netbios-ssn closed
6516210.149.141.34 139 udp netbios-ssn unknown
6517210.149.141.34 161 tcp snmp filtered
6518210.149.141.34 161 udp snmp unknown
6519210.149.141.34 162 tcp snmptrap filtered
6520210.149.141.34 162 udp snmptrap unknown
6521210.149.141.34 389 tcp ldap filtered
6522210.149.141.34 389 udp ldap unknown
6523210.149.141.34 520 tcp efs filtered
6524210.149.141.34 520 udp route unknown
6525210.149.141.34 2049 tcp nfs filtered
6526210.149.141.34 2049 udp nfs unknown
6527210.152.243.182 21 tcp ftp open 220 (vsFTPd 2.2.2)\x0d\x0a
6528210.160.220.105 53 tcp domain closed
6529210.160.220.105 53 udp domain unknown
6530210.160.220.105 67 tcp dhcps closed
6531210.160.220.105 67 udp dhcps unknown
6532210.160.220.105 68 tcp dhcpc closed
6533210.160.220.105 68 udp dhcpc unknown
6534210.160.220.105 69 tcp tftp filtered
6535210.160.220.105 69 udp tftp unknown
6536210.160.220.105 88 tcp kerberos-sec closed
6537210.160.220.105 88 udp kerberos-sec unknown
6538210.160.220.105 123 tcp ntp filtered
6539210.160.220.105 123 udp ntp unknown
6540210.160.220.105 137 tcp netbios-ns closed
6541210.160.220.105 137 udp netbios-ns filtered
6542210.160.220.105 138 tcp netbios-dgm closed
6543210.160.220.105 138 udp netbios-dgm filtered
6544210.160.220.105 139 tcp netbios-ssn closed
6545210.160.220.105 139 udp netbios-ssn unknown
6546210.160.220.105 161 tcp snmp closed
6547210.160.220.105 161 udp snmp unknown
6548210.160.220.105 162 tcp snmptrap filtered
6549210.160.220.105 162 udp snmptrap unknown
6550210.160.220.105 389 tcp ldap closed
6551210.160.220.105 389 udp ldap unknown
6552210.160.220.105 520 tcp efs closed
6553210.160.220.105 520 udp route unknown
6554210.160.220.105 2049 tcp nfs closed
6555210.160.220.105 2049 udp nfs unknown
6556210.160.220.113 53 tcp domain closed
6557210.160.220.113 53 udp domain unknown
6558210.160.220.113 67 tcp dhcps closed
6559210.160.220.113 67 udp dhcps unknown
6560210.160.220.113 68 tcp dhcpc closed
6561210.160.220.113 68 udp dhcpc unknown
6562210.160.220.113 69 tcp tftp closed
6563210.160.220.113 69 udp tftp unknown
6564210.160.220.113 88 tcp kerberos-sec filtered
6565210.160.220.113 88 udp kerberos-sec unknown
6566210.160.220.113 123 tcp ntp filtered
6567210.160.220.113 123 udp ntp unknown
6568210.160.220.113 137 tcp netbios-ns closed
6569210.160.220.113 137 udp netbios-ns filtered
6570210.160.220.113 138 tcp netbios-dgm closed
6571210.160.220.113 138 udp netbios-dgm filtered
6572210.160.220.113 139 tcp netbios-ssn closed
6573210.160.220.113 139 udp netbios-ssn unknown
6574210.160.220.113 161 tcp snmp closed
6575210.160.220.113 161 udp snmp unknown
6576210.160.220.113 162 tcp snmptrap closed
6577210.160.220.113 162 udp snmptrap unknown
6578210.160.220.113 389 tcp ldap filtered
6579210.160.220.113 389 udp ldap unknown
6580210.160.220.113 520 tcp efs closed
6581210.160.220.113 520 udp route unknown
6582210.160.220.113 2049 tcp nfs closed
6583210.160.220.113 2049 udp nfs unknown
6584210.226.36.2 25 tcp smtp closed
6585210.226.36.2 53 tcp domain filtered
6586210.226.36.2 53 udp domain unknown
6587210.226.36.2 67 tcp dhcps filtered
6588210.226.36.2 67 udp dhcps unknown
6589210.226.36.2 68 tcp dhcpc filtered
6590210.226.36.2 68 udp dhcpc unknown
6591210.226.36.2 69 tcp tftp filtered
6592210.226.36.2 69 udp tftp unknown
6593210.226.36.2 80 tcp http open Apache httpd 1.3.41 (Unix) PHP/3.0.18-i18n-ja-3
6594210.226.36.2 88 tcp kerberos-sec filtered
6595210.226.36.2 88 udp kerberos-sec unknown
6596210.226.36.2 123 tcp ntp filtered
6597210.226.36.2 123 udp ntp unknown
6598210.226.36.2 137 tcp netbios-ns filtered
6599210.226.36.2 137 udp netbios-ns filtered
6600210.226.36.2 138 tcp netbios-dgm filtered
6601210.226.36.2 138 udp netbios-dgm filtered
6602210.226.36.2 139 tcp netbios-ssn closed
6603210.226.36.2 139 udp netbios-ssn unknown
6604210.226.36.2 161 tcp snmp filtered
6605210.226.36.2 161 udp snmp unknown
6606210.226.36.2 162 tcp snmptrap filtered
6607210.226.36.2 162 udp snmptrap unknown
6608210.226.36.2 389 tcp ldap filtered
6609210.226.36.2 389 udp ldap unknown
6610210.226.36.2 445 tcp microsoft-ds closed
6611210.226.36.2 520 tcp efs filtered
6612210.226.36.2 520 udp route unknown
6613210.226.36.2 2049 tcp nfs filtered
6614210.226.36.2 2049 udp nfs unknown
6615217.160.131.142 21 tcp ftp open ProFTPD
6616217.160.131.142 22 tcp ssh open OpenSSH 5.3 protocol 2.0
6617217.160.131.142 53 tcp domain closed
6618217.160.131.142 53 udp domain unknown
6619217.160.131.142 67 tcp dhcps closed
6620217.160.131.142 67 udp dhcps unknown
6621217.160.131.142 68 tcp dhcpc closed
6622217.160.131.142 68 udp dhcpc closed
6623217.160.131.142 69 tcp tftp closed
6624217.160.131.142 69 udp tftp unknown
6625217.160.131.142 80 tcp http open Apache httpd PleskLin
6626217.160.131.142 88 tcp kerberos-sec closed
6627217.160.131.142 88 udp kerberos-sec unknown
6628217.160.131.142 123 tcp ntp closed
6629217.160.131.142 123 udp ntp unknown
6630217.160.131.142 137 tcp netbios-ns closed
6631217.160.131.142 137 udp netbios-ns filtered
6632217.160.131.142 138 tcp netbios-dgm closed
6633217.160.131.142 138 udp netbios-dgm filtered
6634217.160.131.142 139 tcp netbios-ssn closed
6635217.160.131.142 139 udp netbios-ssn closed
6636217.160.131.142 161 tcp snmp closed
6637217.160.131.142 161 udp snmp unknown
6638217.160.131.142 162 tcp snmptrap closed
6639217.160.131.142 162 udp snmptrap closed
6640217.160.131.142 389 tcp ldap closed
6641217.160.131.142 389 udp ldap closed
6642217.160.131.142 443 tcp ssl/http open Apache httpd PleskLin
6643217.160.131.142 520 tcp efs closed
6644217.160.131.142 520 udp route unknown
6645217.160.131.142 2049 tcp nfs closed
6646217.160.131.142 2049 udp nfs closed
6647217.160.131.142 3306 tcp mysql open MySQL 5.1.73
6648217.160.131.142 4643 tcp ssl/http open Apache httpd
6649217.160.131.142 8443 tcp ssl/http open sw-cp-server httpd Plesk Onyx 17.8.11
6650217.160.131.142 8880 tcp http open sw-cp-server httpd Plesk Onyx 17.8.11
6651######################################################################################################################################
6652[+] URL: http://www.auctionit.co.bw/
6653[+] Started: Fri Feb 7 02:13:05 2020
6654
6655Interesting Finding(s):
6656
6657[+] http://www.auctionit.co.bw/
6658 | Interesting Entries:
6659 | - Server: nginx
6660 | - X-TEC-API-VERSION: v1
6661 | - X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
6662 | - X-TEC-API-ORIGIN: http://www.auctionit.co.bw
6663 | - X-UA-Compatible: IE=edge
6664 | Found By: Headers (Passive Detection)
6665 | Confidence: 100%
6666
6667[+] http://www.auctionit.co.bw/robots.txt
6668 | Found By: Robots Txt (Aggressive Detection)
6669 | Confidence: 100%
6670
6671[+] http://www.auctionit.co.bw/xmlrpc.php
6672 | Found By: Direct Access (Aggressive Detection)
6673 | Confidence: 100%
6674 | References:
6675 | - http://codex.wordpress.org/XML-RPC_Pingback_API
6676 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
6677 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
6678 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
6679 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
6680
6681[+] http://www.auctionit.co.bw/readme.html
6682 | Found By: Direct Access (Aggressive Detection)
6683 | Confidence: 100%
6684
6685[+] Registration is enabled: http://www.auctionit.co.bw/wp-login.php?action=register
6686 | Found By: Direct Access (Aggressive Detection)
6687 | Confidence: 100%
6688
6689[+] http://www.auctionit.co.bw/wp-cron.php
6690 | Found By: Direct Access (Aggressive Detection)
6691 | Confidence: 60%
6692 | References:
6693 | - https://www.iplocation.net/defend-wordpress-from-ddos
6694 | - https://github.com/wpscanteam/wpscan/issues/1299
6695
6696[+] WordPress version 4.9.13 identified (Latest, released on 2019-12-12).
6697 | Found By: Most Common Wp Includes Query Parameter In Homepage (Passive Detection)
6698 | - http://www.auctionit.co.bw/wp-includes/js/wp-embed.min.js?ver=4.9.13
6699 | Confirmed By: Rss Generator (Aggressive Detection)
6700 | - http://www.auctionit.co.bw/feed/, <generator>https://wordpress.org/?v=4.9.13</generator>
6701 | - http://www.auctionit.co.bw/comments/feed/, <generator>https://wordpress.org/?v=4.9.13</generator>
6702
6703[+] WordPress theme in use: childtheme_auction_7
6704 | Location: http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/
6705 | Style URL: http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/style.css?ver=4.9.13
6706 | Style Name: [CHILD] 07. Auction
6707 | Style URI: http: //www.premiumpress.com
6708 | Description: This is a child theme removed the country aspect out and uses the city location tools instead...
6709 | Author: Mark Fail
6710 | Author URI: http: //www.premiumpress.com
6711 |
6712 | Found By: Css Style In Homepage (Passive Detection)
6713 | Confirmed By: Css Style In 404 Page (Passive Detection)
6714 |
6715 | Version: 1.0 (80% confidence)
6716 | Found By: Style (Passive Detection)
6717 | - http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/style.css?ver=4.9.13, Match: 'Version: 1.0'
6718
6719[+] Enumerating All Plugins (via Passive Methods)
6720[+] Checking Plugin Versions (via Passive and Aggressive Methods)
6721
6722[i] Plugin(s) Identified:
6723
6724[+] elementor
6725 | Location: http://www.auctionit.co.bw/wp-content/plugins/elementor/
6726 | Last Updated: 2020-01-27T17:13:00.000Z
6727 | [!] The version is out of date, the latest version is 2.8.5
6728 |
6729 | Found By: Urls In Homepage (Passive Detection)
6730 |
6731 | Version: 2.3.5 (100% confidence)
6732 | Found By: Query Parameter (Passive Detection)
6733 | - http://www.auctionit.co.bw/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.3.5
6734 | - http://www.auctionit.co.bw/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.3.5
6735 | Confirmed By: Readme - Stable Tag (Aggressive Detection)
6736 | - http://www.auctionit.co.bw/wp-content/plugins/elementor/readme.txt
6737
6738[+] Enumerating Config Backups (via Passive and Aggressive Methods)
6739 Checking Config Backups - Time: 00:00:04 <=============> (21 / 21) 100.00% Time: 00:00:04
6740
6741[i] No Config Backups Found.
6742
6743[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
6744[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
6745
6746[+] Finished: Fri Feb 7 02:13:35 2020
6747[+] Requests Done: 68
6748[+] Cached Requests: 7
6749[+] Data Sent: 15.859 KB
6750[+] Data Received: 12.051 MB
6751[+] Memory used: 179.887 MB
6752[+] Elapsed time: 00:00:29
6753######################################################################################################################################
6754[+] URL: http://www.auctionit.co.bw/
6755[+] Started: Fri Feb 7 02:13:09 2020
6756
6757Interesting Finding(s):
6758
6759[+] http://www.auctionit.co.bw/
6760 | Interesting Entries:
6761 | - Server: nginx
6762 | - X-TEC-API-VERSION: v1
6763 | - X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
6764 | - X-TEC-API-ORIGIN: http://www.auctionit.co.bw
6765 | - X-UA-Compatible: IE=edge
6766 | Found By: Headers (Passive Detection)
6767 | Confidence: 100%
6768
6769[+] http://www.auctionit.co.bw/robots.txt
6770 | Found By: Robots Txt (Aggressive Detection)
6771 | Confidence: 100%
6772
6773[+] http://www.auctionit.co.bw/xmlrpc.php
6774 | Found By: Direct Access (Aggressive Detection)
6775 | Confidence: 100%
6776 | References:
6777 | - http://codex.wordpress.org/XML-RPC_Pingback_API
6778 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
6779 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
6780 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
6781 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
6782
6783[+] http://www.auctionit.co.bw/readme.html
6784 | Found By: Direct Access (Aggressive Detection)
6785 | Confidence: 100%
6786
6787[+] Registration is enabled: http://www.auctionit.co.bw/wp-login.php?action=register
6788 | Found By: Direct Access (Aggressive Detection)
6789 | Confidence: 100%
6790
6791[+] http://www.auctionit.co.bw/wp-cron.php
6792 | Found By: Direct Access (Aggressive Detection)
6793 | Confidence: 60%
6794 | References:
6795 | - https://www.iplocation.net/defend-wordpress-from-ddos
6796 | - https://github.com/wpscanteam/wpscan/issues/1299
6797
6798[+] WordPress version 4.9.13 identified (Latest, released on 2019-12-12).
6799 | Found By: Most Common Wp Includes Query Parameter In Homepage (Passive Detection)
6800 | - http://www.auctionit.co.bw/wp-includes/js/wp-embed.min.js?ver=4.9.13
6801 | Confirmed By: Rss Generator (Aggressive Detection)
6802 | - http://www.auctionit.co.bw/feed/, <generator>https://wordpress.org/?v=4.9.13</generator>
6803 | - http://www.auctionit.co.bw/comments/feed/, <generator>https://wordpress.org/?v=4.9.13</generator>
6804
6805[+] WordPress theme in use: childtheme_auction_7
6806 | Location: http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/
6807 | Style URL: http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/style.css?ver=4.9.13
6808 | Style Name: [CHILD] 07. Auction
6809 | Style URI: http: //www.premiumpress.com
6810 | Description: This is a child theme removed the country aspect out and uses the city location tools instead...
6811 | Author: Mark Fail
6812 | Author URI: http: //www.premiumpress.com
6813 |
6814 | Found By: Css Style In Homepage (Passive Detection)
6815 | Confirmed By: Css Style In 404 Page (Passive Detection)
6816 |
6817 | Version: 1.0 (80% confidence)
6818 | Found By: Style (Passive Detection)
6819 | - http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/style.css?ver=4.9.13, Match: 'Version: 1.0'
6820
6821[+] Enumerating Users (via Passive and Aggressive Methods)
6822 Brute Forcing Author IDs - Time: 00:00:20 <==> (10 / 10) 100.00% Time: 00:00:20
6823
6824[i] User(s) Identified:
6825
6826[+] maxwell-dichigmail-com
6827 | Found By: Wp Json Api (Aggressive Detection)
6828 | - http://www.auctionit.co.bw/wp-json/wp/v2/users/?per_page=100&page=1
6829 | Confirmed By: Oembed API - Author URL (Aggressive Detection)
6830 | - http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http://www.auctionit.co.bw/&format=json
6831
6832[+] maxwell.dichi@gmail.com
6833 | Found By: Rss Generator (Aggressive Detection)
6834
6835[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
6836[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
6837
6838[+] Finished: Fri Feb 7 02:13:55 2020
6839[+] Requests Done: 50
6840[+] Cached Requests: 19
6841[+] Data Sent: 14.88 KB
6842[+] Data Received: 564.577 KB
6843[+] Memory used: 114.379 MB
6844[+] Elapsed time: 00:00:45
6845######################################################################################################################################
6846[+] URL: http://www.auctionit.co.bw/
6847[+] Started: Fri Feb 7 02:16:44 2020
6848
6849Interesting Finding(s):
6850
6851[+] http://www.auctionit.co.bw/
6852 | Interesting Entries:
6853 | - Server: nginx
6854 | - X-TEC-API-VERSION: v1
6855 | - X-TEC-API-ROOT: http://www.auctionit.co.bw/wp-json/tribe/events/v1/
6856 | - X-TEC-API-ORIGIN: http://www.auctionit.co.bw
6857 | - X-UA-Compatible: IE=edge
6858 | Found By: Headers (Passive Detection)
6859 | Confidence: 100%
6860
6861[+] http://www.auctionit.co.bw/robots.txt
6862 | Found By: Robots Txt (Aggressive Detection)
6863 | Confidence: 100%
6864
6865[+] http://www.auctionit.co.bw/xmlrpc.php
6866 | Found By: Direct Access (Aggressive Detection)
6867 | Confidence: 100%
6868 | References:
6869 | - http://codex.wordpress.org/XML-RPC_Pingback_API
6870 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
6871 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
6872 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
6873 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
6874
6875[+] http://www.auctionit.co.bw/readme.html
6876 | Found By: Direct Access (Aggressive Detection)
6877 | Confidence: 100%
6878
6879[+] Registration is enabled: http://www.auctionit.co.bw/wp-login.php?action=register
6880 | Found By: Direct Access (Aggressive Detection)
6881 | Confidence: 100%
6882
6883[+] http://www.auctionit.co.bw/wp-cron.php
6884 | Found By: Direct Access (Aggressive Detection)
6885 | Confidence: 60%
6886 | References:
6887 | - https://www.iplocation.net/defend-wordpress-from-ddos
6888 | - https://github.com/wpscanteam/wpscan/issues/1299
6889
6890[+] WordPress version 4.9.13 identified (Latest, released on 2019-12-12).
6891 | Found By: Most Common Wp Includes Query Parameter In Homepage (Passive Detection)
6892 | - http://www.auctionit.co.bw/wp-includes/js/wp-embed.min.js?ver=4.9.13
6893 | Confirmed By: Rss Generator (Aggressive Detection)
6894 | - http://www.auctionit.co.bw/feed/, <generator>https://wordpress.org/?v=4.9.13</generator>
6895 | - http://www.auctionit.co.bw/comments/feed/, <generator>https://wordpress.org/?v=4.9.13</generator>
6896
6897[+] WordPress theme in use: childtheme_auction_7
6898 | Location: http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/
6899 | Style URL: http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/style.css?ver=4.9.13
6900 | Style Name: [CHILD] 07. Auction
6901 | Style URI: http: //www.premiumpress.com
6902 | Description: This is a child theme removed the country aspect out and uses the city location tools instead...
6903 | Author: Mark Fail
6904 | Author URI: http: //www.premiumpress.com
6905 |
6906 | Found By: Css Style In Homepage (Passive Detection)
6907 | Confirmed By: Css Style In 404 Page (Passive Detection)
6908 |
6909 | Version: 1.0 (80% confidence)
6910 | Found By: Style (Passive Detection)
6911 | - http://www.auctionit.co.bw/wp-content/themes/childtheme_auction_7/style.css?ver=4.9.13, Match: 'Version: 1.0'
6912
6913[+] Enumerating Users (via Passive and Aggressive Methods)
6914 Brute Forcing Author IDs - Time: 00:00:02 <============> (10 / 10) 100.00% Time: 00:00:02
6915
6916[i] User(s) Identified:
6917
6918[+] maxwell-dichigmail-com
6919 | Found By: Wp Json Api (Aggressive Detection)
6920 | - http://www.auctionit.co.bw/wp-json/wp/v2/users/?per_page=100&page=1
6921 | Confirmed By: Oembed API - Author URL (Aggressive Detection)
6922 | - http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http://www.auctionit.co.bw/&format=json
6923
6924[+] maxwell.dichi@gmail.com
6925 | Found By: Rss Generator (Aggressive Detection)
6926
6927[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
6928[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
6929
6930[+] Finished: Fri Feb 7 02:16:51 2020
6931[+] Requests Done: 14
6932[+] Cached Requests: 55
6933[+] Data Sent: 3.324 KB
6934[+] Data Received: 56.093 KB
6935[+] Memory used: 113.473 MB
6936[+] Elapsed time: 00:00:07
6937######################################################################################################################################
6938[INFO] ------TARGET info------
6939[*] TARGET: http://www.auctionit.co.bw/
6940[*] TARGET IP: 154.73.84.17
6941[INFO] NO load balancer detected for www.auctionit.co.bw...
6942[*] DNS servers: ole.nconnect.co.bw.
6943[*] TARGET server: nginx
6944[*] CC: BW
6945[*] Country: Botswana
6946[*] RegionCode: GA
6947[*] RegionName: Gaborone
6948[*] City: Gaborone
6949[*] ASN: AS327776
6950[*] BGP_PREFIX: 154.73.84.0/22
6951[*] ISP: Stature-PTY-LTD, BW
6952[INFO] DNS enumeration:
6953[*] mail.auctionit.co.bw 154.73.84.10
6954[*] mx.auctionit.co.bw 154.73.84.9
6955[INFO] Possible abuse mails are:
6956[*] abuse@auctionit.co.bw
6957[*] abuse@www.auctionit.co.bw
6958[*] john@e-networks.co.bw
6959[INFO] NO PAC (Proxy Auto Configuration) file FOUND
6960[ALERT] robots.txt file FOUND in http://www.auctionit.co.bw/robots.txt
6961[INFO] Checking for HTTP status codes recursively from http://www.auctionit.co.bw/robots.txt
6962[INFO] Status code Folders
6963[INFO] Starting FUZZing in http://www.auctionit.co.bw/FUzZzZzZzZz...
6964[INFO] Status code Folders
6965[ALERT] Look in the source code. It may contain passwords
6966[INFO] Links found from http://www.auctionit.co.bw/ http://154.73.84.17/:
6967[*] https://www.facebook.com/auctionitbots/
6968[*] http://vestacp.com/
6969[*] http://www.auctionit.co.bw/
6970[*] http://www.auctionit.co.bw/about-us/
6971[*] http://www.auctionit.co.bw/add-listing/
6972[*] http://www.auctionit.co.bw/auctions/
6973[*] http://www.auctionit.co.bw/blog/
6974[*] http://www.auctionit.co.bw/contact/
6975[*] http://www.auctionit.co.bw/event/hollard-insurance-salvage-vehicle-auction-8/
6976[*] http://www.auctionit.co.bw/events/
6977[*] http://www.auctionit.co.bw/my-account/
6978[*] http://www.auctionit.co.bw/terms-conditions/
6979[*] http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http://www.auctionit.co.bw/
6980[*] http://www.auctionit.co.bw/wp-json/oembed/1.0/embed?url=http://www.auctionit.co.bw/&format=xml
6981[*] http://www.auctionit.co.bw/wp-login.php
6982[*] http://www.auctionit.co.bw/wp-login.php?action=login
6983[*] http://www.auctionit.co.bw/wp-login.php?action=register
6984cut: intervalle de champ incorrecte
6985Saisissez « cut --help » pour plus d'informations.
6986[INFO] Shodan detected the following opened ports on 154.73.84.17:
6987[*] 21
6988[*] 3306
6989[*] 80
6990[*] 8083
6991[INFO] ------VirusTotal SECTION------
6992[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
6993[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
6994[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
6995[INFO] ------Alexa Rank SECTION------
6996[INFO] Percent of Visitors Rank in Country:
6997[INFO] Percent of Search Traffic:
6998[INFO] Percent of Unique Visits:
6999[INFO] Total Sites Linking In:
7000[*] Total Sites
7001[INFO] Useful links related to www.auctionit.co.bw - 154.73.84.17:
7002[*] https://www.virustotal.com/pt/ip-address/154.73.84.17/information/
7003[*] https://www.hybrid-analysis.com/search?host=154.73.84.17
7004[*] https://www.shodan.io/host/154.73.84.17
7005[*] https://www.senderbase.org/lookup/?search_string=154.73.84.17
7006[*] https://www.alienvault.com/open-threat-exchange/ip/154.73.84.17
7007[*] http://pastebin.com/search?q=154.73.84.17
7008[*] http://urlquery.net/search.php?q=154.73.84.17
7009[*] http://www.alexa.com/siteinfo/www.auctionit.co.bw
7010[*] http://www.google.com/safebrowsing/diagnostic?site=www.auctionit.co.bw
7011[*] https://censys.io/ipv4/154.73.84.17
7012[*] https://www.abuseipdb.com/check/154.73.84.17
7013[*] https://urlscan.io/search/#154.73.84.17
7014[*] https://github.com/search?q=154.73.84.17&type=Code
7015[INFO] Useful links related to AS327776 - 154.73.84.0/22:
7016[*] http://www.google.com/safebrowsing/diagnostic?site=AS:327776
7017[*] https://www.senderbase.org/lookup/?search_string=154.73.84.0/22
7018[*] http://bgp.he.net/AS327776
7019[*] https://stat.ripe.net/AS327776
7020[INFO] Date: 07/02/20 | Time: 02:19:17
7021[INFO] Total time: 2 minute(s) and 38 second(s)
7022#####################################################################################################################################
7023[I] Threads: 5
7024[-] Target: http://www.auctionit.co.bw (154.73.84.17)
7025[M] Website Not in HTTPS: http://www.auctionit.co.bw
7026[I] Server: nginx
7027[L] X-Frame-Options: Not Enforced
7028[I] Strict-Transport-Security: Not Enforced
7029[I] X-Content-Security-Policy: Not Enforced
7030[I] X-Content-Type-Options: Not Enforced
7031[L] Robots.txt Found: http://www.auctionit.co.bw/robots.txt
7032[I] CMS Detection: WordPress
7033[I] Wordpress Theme: AT9
7034[-] WordPress usernames identified:
7035[M] maxwell.dichi@gmail.com
7036[M] XML-RPC services are enabled
7037[M] Website vulnerable to XML-RPC Brute Force Vulnerability
7038[I] Forgotten Password Allows Username Enumeration: http://www.auctionit.co.bw/wp-login.php?action=lostpassword
7039[I] Autocomplete Off Not Found: http://www.auctionit.co.bw/wp-login.php
7040[-] Default WordPress Files:
7041[I] http://www.auctionit.co.bw/license.txt
7042[I] http://www.auctionit.co.bw/readme.html
7043[I] http://www.auctionit.co.bw/wp-includes/ID3/license.commercial.txt
7044[I] http://www.auctionit.co.bw/wp-includes/ID3/license.txt
7045[I] http://www.auctionit.co.bw/wp-includes/ID3/readme.txt
7046[I] http://www.auctionit.co.bw/wp-includes/images/crystal/license.txt
7047[I] http://www.auctionit.co.bw/wp-includes/js/plupload/license.txt
7048[I] http://www.auctionit.co.bw/wp-includes/js/swfupload/license.txt
7049[I] http://www.auctionit.co.bw/wp-includes/js/tinymce/license.txt
7050[-] Searching Wordpress Plugins ...
7051[I] Calendar
7052[M] EDB-ID: 21715 "WordPress Plugin spider Calendar - Multiple Vulnerabilities"
7053[I] akismet v4.0.8
7054[M] EDB-ID: 37826 "WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities"
7055[M] EDB-ID: 37902 "WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities"
7056[I] all-in-one-event-calendar v2.5.40
7057[M] EDB-ID: 37075 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting"
7058[M] EDB-ID: 37076 "WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting"
7059[M] EDB-ID: 37077 "WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting"
7060[M] EDB-ID: 37078 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Cross-Site Scripting Vulnerabilities"
7061[I] elementor v2.3.5
7062[I] feed
7063[M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
7064[I] Checking for Directory Listing Enabled ...
7065[-] Date & Time: 07/02/2020 02:30:46
7066[-] Completed in: 0:06:50
7067######################################################################################################################################
7068 Anonymous JTSEC #OpDefendTheWild Full Recon #10