MA'AT

Illegal Scan of Unite Blue Website

Post by ZiLe on Fri Nov 22, 2013 10:41 pm

NMAP www.uniteblue.com
By: a guest on May 8th, 2013 | syntax: None | size: 18.09 KB | hits: 58 | expires: Never

Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-08 19:39 US Eastern Daylight Time

NSE: Loaded 128 scripts for scanning.

NSE: Script Pre-scanning.

NSE: Starting runlevel 1 (of 3) scan.

Initiating NSE at 19:39

Completed NSE at 19:39, 5.02s elapsed

NSE: Starting runlevel 2 (of 3) scan.

NSE: Starting runlevel 3 (of 3) scan.

Initiating Parallel DNS resolution of 1 host. at 19:39

Completed Parallel DNS resolution of 1 host. at 19:39, 11.08s elapsed

Initiating Connect Scan at 19:39

Scanning www.uniteblue.com (69.174.246.134) [1000 ports]

Discovered open port 443/tcp on 69.174.246.134

Discovered open port 80/tcp on 69.174.246.134

Discovered open port 22/tcp on 69.174.246.134

Discovered open port 3306/tcp on 69.174.246.134

Connect Scan Timing: About 3.35% done; ETC: 19:55 (0:14:54 remaining)

Connect Scan Timing: About 6.75% done; ETC: 19:54 (0:14:03 remaining)

Connect Scan Timing: About 12.35% done; ETC: 19:54 (0:13:15 remaining)

Connect Scan Timing: About 17.05% done; ETC: 19:54 (0:12:29 remaining)

Connect Scan Timing: About 22.05% done; ETC: 19:54 (0:11:43 remaining)

Connect Scan Timing: About 27.40% done; ETC: 19:54 (0:10:54 remaining)

Connect Scan Timing: About 32.80% done; ETC: 19:54 (0:10:04 remaining)

Connect Scan Timing: About 38.10% done; ETC: 19:54 (0:09:17 remaining)

Connect Scan Timing: About 43.15% done; ETC: 19:54 (0:08:31 remaining)

Discovered open port 873/tcp on 69.174.246.134

Connect Scan Timing: About 48.25% done; ETC: 19:54 (0:07:44 remaining)

Connect Scan Timing: About 53.55% done; ETC: 19:54 (0:06:57 remaining)

Connect Scan Timing: About 58.60% done; ETC: 19:54 (0:06:12 remaining)

Connect Scan Timing: About 63.60% done; ETC: 19:54 (0:05:27 remaining)

Connect Scan Timing: About 68.60% done; ETC: 19:54 (0:04:42 remaining)

Connect Scan Timing: About 73.75% done; ETC: 19:54 (0:03:55 remaining)

Connect Scan Timing: About 78.80% done; ETC: 19:54 (0:03:10 remaining)

Connect Scan Timing: About 83.95% done; ETC: 19:54 (0:02:24 remaining)

Connect Scan Timing: About 88.95% done; ETC: 19:54 (0:01:39 remaining)

Connect Scan Timing: About 93.95% done; ETC: 19:54 (0:00:54 remaining)

Completed Connect Scan at 19:54, 894.66s elapsed (1000 total ports)

Initiating SCTP COOKIE-ECHO Scan at 19:54

Scanning www.uniteblue.com (69.174.246.134) [52 ports]

Completed SCTP COOKIE-ECHO Scan at 19:55, 44.35s elapsed (52 total ports)

Initiating Service scan at 19:55

Scanning 57 services on www.uniteblue.com (69.174.246.134)

Service scan Timing: About 3.51% done; ETC: 20:36 (0:39:25 remaining)

Service scan Timing: About 5.26% done; ETC: 20:54 (0:55:30 remaining)

Completed Service scan at 19:58, 185.78s elapsed (57 services on 1 host)

NSE: Script scanning 69.174.246.134.

NSE: Starting runlevel 1 (of 3) scan.

Initiating NSE at 19:58

NSE Timing: About 15.61% done; ETC: 20:01 (0:02:48 remaining)

NSE Timing: About 38.05% done; ETC: 20:01 (0:01:39 remaining)

NSE Timing: About 41.26% done; ETC: 20:02 (0:02:10 remaining)

NSE Timing: About 43.20% done; ETC: 20:03 (0:02:39 remaining)

NSE Timing: About 43.20% done; ETC: 20:04 (0:03:19 remaining)

NSE Timing: About 45.15% done; ETC: 20:05 (0:03:40 remaining)

NSE Timing: About 45.15% done; ETC: 20:06 (0:04:16 remaining)

NSE Timing: About 45.63% done; ETC: 20:07 (0:04:47 remaining)

NSE Timing: About 45.63% done; ETC: 20:08 (0:05:23 remaining)

NSE Timing: About 45.63% done; ETC: 20:09 (0:05:59 remaining)

NSE Timing: About 45.63% done; ETC: 20:10 (0:06:34 remaining)

NSE Timing: About 45.63% done; ETC: 20:11 (0:07:10 remaining)

NSE Timing: About 45.63% done; ETC: 20:12 (0:07:46 remaining)

NSE Timing: About 45.63% done; ETC: 20:13 (0:08:22 remaining)

NSE Timing: About 45.63% done; ETC: 20:15 (0:08:57 remaining)

NSE Timing: About 45.63% done; ETC: 20:16 (0:09:33 remaining)

NSE Timing: About 45.63% done; ETC: 20:17 (0:10:09 remaining)

NSE Timing: About 45.63% done; ETC: 20:18 (0:10:45 remaining)

NSE Timing: About 45.63% done; ETC: 20:19 (0:11:20 remaining)

NSE Timing: About 47.57% done; ETC: 20:19 (0:11:02 remaining)

NSE Timing: About 57.21% done; ETC: 20:16 (0:07:52 remaining)

NSE Timing: About 68.37% done; ETC: 20:14 (0:05:06 remaining)

NSE Timing: About 74.88% done; ETC: 20:13 (0:03:52 remaining)

NSE Timing: About 81.11% done; ETC: 20:13 (0:02:48 remaining)

NSE Timing: About 81.11% done; ETC: 20:14 (0:02:55 remaining)

NSE Timing: About 81.11% done; ETC: 20:14 (0:03:02 remaining)

NSE Timing: About 83.41% done; ETC: 20:14 (0:02:41 remaining)

NSE Timing: About 92.63% done; ETC: 20:13 (0:01:07 remaining)

NSE Timing: About 93.55% done; ETC: 20:14 (0:01:00 remaining)

NSE Timing: About 93.55% done; ETC: 20:14 (0:01:02 remaining)

NSE Timing: About 93.55% done; ETC: 20:15 (0:01:04 remaining)

NSE Timing: About 96.00% done; ETC: 20:15 (0:00:40 remaining)

NSE Timing: About 97.78% done; ETC: 20:15 (0:00:23 remaining)

Completed NSE at 20:15, 1008.21s elapsed

NSE: Starting runlevel 2 (of 3) scan.

Initiating NSE at 20:15

Completed NSE at 20:15, 0.00s elapsed

NSE: Starting runlevel 3 (of 3) scan.

Nmap scan report for www.uniteblue.com (69.174.246.134)

Host is up (0.098s latency).

rDNS record for 69.174.246.134: atk.financialonline.com.br

Scanned at 2013-05-08 19:39:49 US Eastern Daylight Time for 2134s

Not shown: 995 filtered ports, 52 open|filtered ports

PORT STATE SERVICE VERSION

22/tcp open ssh OpenSSH 4.3 (protocol 2.0)

|_banner: SSH-2.0-OpenSSH_4.3

80/tcp open http?

| http-affiliate-id:

|_ Google Analytics ID: UA-25138211-2

| http-email-harvest:

| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.uniteblue.com

| community@uniteblue.com

| zach@uniteblue.com

| UniteBlue@gmail.com

| stateleg@uniteblue.com

|_ info@uniteblue.com

| http-php-version: Logo query returned unknown hash 858820d9f5ee72fe2cce3d63e918ce03

| Versions from credits query (more accurate): 5.3.9 - 5.3.18

|_Version from header x-powered-by: PHP/5.3.18

| http-robots.txt: 1 disallowed entry

|_/code/

| http-sitemap-generator:

| Directory structure:

| /

| Other: 1

| /community/

| Other: 1

| /css/

| css: 1

| /images/

| png: 9

| /info/about/

| Other: 1

| /js/

| js: 3

| Longest directory structure:

| Depth: 2

| Dir: /info/about/

| Total files found (by extension):

|_ Other: 3; css: 1; js: 3; png: 9

| http-vhosts:

| 27 names had status 200

|_www.uniteblue.com : 301 -> http://uniteblue.com/

|_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php

443/tcp open ssl/https?

| http-php-version: Versions from credits query (more accurate): 5.3.9 - 5.3.18

|_Version from header x-powered-by: PHP/5.3.18

| http-robots.txt: 1 disallowed entry

|_/

| http-sitemap-generator:

| Directory structure:

| Longest directory structure:

| Depth: 0

| Dir: /

| Total files found (by extension):

|_

| http-vhosts:

|_28 names had status 200

|_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php

| ssl-cert: Subject: commonName=localhost.localdomain/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=--/localityName=SomeCity/organizationalUnitName=SomeOrganizationalUnit/emailAddress=root@localhost.localdomain

| Issuer: commonName=localhost.localdomain/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=--/localityName=SomeCity/organizationalUnitName=SomeOrganizationalUnit/emailAddress=root@localhost.localdomain

| Public Key type: rsa

| Public Key bits: 1024

| Not valid before: 2011-11-17T13:14:25+00:00

| Not valid after: 2012-11-16T13:14:25+00:00

| MD5: e7c4 db89 7c3d 8bef 372f 200d 164f d298

| SHA-1: 0a2b bc5f f6a8 bc40 1231 bd6e f1c8 00b9 e1dc 01ce

873/tcp open rsync (protocol version 30)

|_banner: @RSYNCD: 30.0

3306/tcp open mysql MySQL 5.5.27-log

| banner: N\x00\x00\x00\x0A5.5.27-log\x00F\x81\x00\x00y.rx#BdO\x00\xFF\xF

| 7\x08\x02\x00\x0F\x80\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?/lS
|_HP9l4]\x00mysql_native_password\x00

| mysql-audit:

|_ No audit rulebase file was supplied (see mysql-audit.filename)

| mysql-brute:

| Accounts

| No valid accounts found

| Statistics

|_ Performed 2611 guesses in 666 seconds, average tps: 3

| mysql-info: Protocol: 10

| Version: 5.5.27-log

| Thread ID: 36904

| Some Capabilities: Long Passwords, Connect with DB, Compress, ODBC, Transactions, Secure Connection

| Status: Autocommit

|_Salt: v;_NJfDb

|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)

2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

Host script results:

| dns-blacklist:

| ATTACK

| all.bl.blocklist.de - FAIL

| SPAM

| list.quorum.to - FAIL

| bl.spamcop.net - FAIL

| all.spamrats.com - FAIL

| sbl.spamhaus.org - FAIL

| dnsbl.inps.de - FAIL

| bl.nszones.com - FAIL

| spam.dnsbl.sorbs.net - FAIL

| l2.apews.org - FAIL

| dnsbl.ahbl.org - FAIL

| PROXY

| dnsbl.tornevall.org - FAIL

| misc.dnsbl.sorbs.net - FAIL

| http.dnsbl.sorbs.net - FAIL

| dnsbl.ahbl.org - FAIL

| tor.dan.me.uk - FAIL

|_ socks.dnsbl.sorbs.net - FAIL

| dns-brute:

| DNS Brute-force hostnames

|_ No results.

|_firewall-bypass: false

|_hostmap-bfk: Error: found no hostnames but not the marker for "no hostnames found" (pattern error?)

|_hostmap-robtex: ERROR: Script execution failed (use -d to debug)

| ip-geolocation-geobytes:

| latitude: 35.5822

| longitude: -80.8122

| city: Mooresville

| region: North Carolina

|_ country: United States

|_ip-geolocation-geoplugin: ERROR: Script execution failed (use -d to debug)

|_ip-geolocation-maxmind: ERROR: Script execution failed (use -d to debug)

| whois: Record found at whois.arin.net

| netrange: 69.174.240.0 - 69.174.255.255

| netname: SERVER-ALLOC-1

| orgname: ServerBeach

| orgid: SERVER-17

| country: US stateprov: TX

|

| orgtechname: IP Admin

|_orgtechemail: ipadmin@serverbeach.com



NSE: Script Post-scanning.

NSE: Starting runlevel 1 (of 3) scan.

Initiating NSE at 20:15

Completed NSE at 20:15, 0.00s elapsed

NSE: Starting runlevel 2 (of 3) scan.

NSE: Starting runlevel 3 (of 3) scan.

Post-scan script results:

| reverse-index:

| 22/tcp: 69.174.246.134

| 80/tcp: 69.174.246.134

| 443/tcp: 69.174.246.134

| 873/tcp: 69.174.246.134

|_ 3306/tcp: 69.174.246.134

Read data files from: C:\Program Files (x86)\Nmap

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2154.02 seconds

Raw packets sent: 104 (4.160KB) | Rcvd: 0 (0B)
