MA'AT

Illegal Scan of Unite Blue Website

Post by ZiLe on Fri Nov 22, 2013 10:41 pm

NMAP www.uniteblue.com
By: a guest on May 8th, 2013 | syntax: None | size: 18.09 KB | hits: 58 | expires: Never



Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-08 19:39 US Eastern Daylight Time

NSE: Loaded 128 scripts for scanning.

NSE: Script Pre-scanning.

NSE: Starting runlevel 1 (of 3) scan.

Initiating NSE at 19:39

Completed NSE at 19:39, 5.02s elapsed

NSE: Starting runlevel 2 (of 3) scan.

NSE: Starting runlevel 3 (of 3) scan.

Initiating Parallel DNS resolution of 1 host. at 19:39

Completed Parallel DNS resolution of 1 host. at 19:39, 11.08s elapsed

Initiating Connect Scan at 19:39

Scanning www.uniteblue.com (69.174.246.134) [1000 ports]

Discovered open port 443/tcp on 69.174.246.134

Discovered open port 80/tcp on 69.174.246.134

Discovered open port 22/tcp on 69.174.246.134

Discovered open port 3306/tcp on 69.174.246.134

Connect Scan Timing: About 3.35% done; ETC: 19:55 (0:14:54 remaining)

Connect Scan Timing: About 6.75% done; ETC: 19:54 (0:14:03 remaining)

Connect Scan Timing: About 12.35% done; ETC: 19:54 (0:13:15 remaining)

Connect Scan Timing: About 17.05% done; ETC: 19:54 (0:12:29 remaining)

Connect Scan Timing: About 22.05% done; ETC: 19:54 (0:11:43 remaining)

Connect Scan Timing: About 27.40% done; ETC: 19:54 (0:10:54 remaining)

Connect Scan Timing: About 32.80% done; ETC: 19:54 (0:10:04 remaining)

Connect Scan Timing: About 38.10% done; ETC: 19:54 (0:09:17 remaining)

Connect Scan Timing: About 43.15% done; ETC: 19:54 (0:08:31 remaining)

Discovered open port 873/tcp on 69.174.246.134

Connect Scan Timing: About 48.25% done; ETC: 19:54 (0:07:44 remaining)

Connect Scan Timing: About 53.55% done; ETC: 19:54 (0:06:57 remaining)

Connect Scan Timing: About 58.60% done; ETC: 19:54 (0:06:12 remaining)

Connect Scan Timing: About 63.60% done; ETC: 19:54 (0:05:27 remaining)

Connect Scan Timing: About 68.60% done; ETC: 19:54 (0:04:42 remaining)

Connect Scan Timing: About 73.75% done; ETC: 19:54 (0:03:55 remaining)

Connect Scan Timing: About 78.80% done; ETC: 19:54 (0:03:10 remaining)

Connect Scan Timing: About 83.95% done; ETC: 19:54 (0:02:24 remaining)

Connect Scan Timing: About 88.95% done; ETC: 19:54 (0:01:39 remaining)

Connect Scan Timing: About 93.95% done; ETC: 19:54 (0:00:54 remaining)

Completed Connect Scan at 19:54, 894.66s elapsed (1000 total ports)

Initiating SCTP COOKIE-ECHO Scan at 19:54

Scanning www.uniteblue.com (69.174.246.134) [52 ports]

Completed SCTP COOKIE-ECHO Scan at 19:55, 44.35s elapsed (52 total ports)

Initiating Service scan at 19:55

Scanning 57 services on www.uniteblue.com (69.174.246.134)

Service scan Timing: About 3.51% done; ETC: 20:36 (0:39:25 remaining)

Service scan Timing: About 5.26% done; ETC: 20:54 (0:55:30 remaining)

Completed Service scan at 19:58, 185.78s elapsed (57 services on 1 host)

NSE: Script scanning 69.174.246.134.

NSE: Starting runlevel 1 (of 3) scan.

Initiating NSE at 19:58

NSE Timing: About 15.61% done; ETC: 20:01 (0:02:48 remaining)

NSE Timing: About 38.05% done; ETC: 20:01 (0:01:39 remaining)

NSE Timing: About 41.26% done; ETC: 20:02 (0:02:10 remaining)

NSE Timing: About 43.20% done; ETC: 20:03 (0:02:39 remaining)

NSE Timing: About 43.20% done; ETC: 20:04 (0:03:19 remaining)

NSE Timing: About 45.15% done; ETC: 20:05 (0:03:40 remaining)

NSE Timing: About 45.15% done; ETC: 20:06 (0:04:16 remaining)

NSE Timing: About 45.63% done; ETC: 20:07 (0:04:47 remaining)

NSE Timing: About 45.63% done; ETC: 20:08 (0:05:23 remaining)

NSE Timing: About 45.63% done; ETC: 20:09 (0:05:59 remaining)

NSE Timing: About 45.63% done; ETC: 20:10 (0:06:34 remaining)

NSE Timing: About 45.63% done; ETC: 20:11 (0:07:10 remaining)

NSE Timing: About 45.63% done; ETC: 20:12 (0:07:46 remaining)

NSE Timing: About 45.63% done; ETC: 20:13 (0:08:22 remaining)

NSE Timing: About 45.63% done; ETC: 20:15 (0:08:57 remaining)

NSE Timing: About 45.63% done; ETC: 20:16 (0:09:33 remaining)

NSE Timing: About 45.63% done; ETC: 20:17 (0:10:09 remaining)

NSE Timing: About 45.63% done; ETC: 20:18 (0:10:45 remaining)

NSE Timing: About 45.63% done; ETC: 20:19 (0:11:20 remaining)

NSE Timing: About 47.57% done; ETC: 20:19 (0:11:02 remaining)

NSE Timing: About 57.21% done; ETC: 20:16 (0:07:52 remaining)

NSE Timing: About 68.37% done; ETC: 20:14 (0:05:06 remaining)

NSE Timing: About 74.88% done; ETC: 20:13 (0:03:52 remaining)

NSE Timing: About 81.11% done; ETC: 20:13 (0:02:48 remaining)

NSE Timing: About 81.11% done; ETC: 20:14 (0:02:55 remaining)

NSE Timing: About 81.11% done; ETC: 20:14 (0:03:02 remaining)

NSE Timing: About 83.41% done; ETC: 20:14 (0:02:41 remaining)

NSE Timing: About 92.63% done; ETC: 20:13 (0:01:07 remaining)

NSE Timing: About 93.55% done; ETC: 20:14 (0:01:00 remaining)

NSE Timing: About 93.55% done; ETC: 20:14 (0:01:02 remaining)

NSE Timing: About 93.55% done; ETC: 20:15 (0:01:04 remaining)

NSE Timing: About 96.00% done; ETC: 20:15 (0:00:40 remaining)

NSE Timing: About 97.78% done; ETC: 20:15 (0:00:23 remaining)

Completed NSE at 20:15, 1008.21s elapsed

NSE: Starting runlevel 2 (of 3) scan.

Initiating NSE at 20:15

Completed NSE at 20:15, 0.00s elapsed

NSE: Starting runlevel 3 (of 3) scan.

Nmap scan report for www.uniteblue.com (69.174.246.134)

Host is up (0.098s latency).

rDNS record for 69.174.246.134: atk.financialonline.com.br

Scanned at 2013-05-08 19:39:49 US Eastern Daylight Time for 2134s

Not shown: 995 filtered ports, 52 open|filtered ports

PORT STATE SERVICE VERSION

22/tcp open ssh OpenSSH 4.3 (protocol 2.0)

|_banner: SSH-2.0-OpenSSH_4.3

80/tcp open http?

| http-affiliate-id:

|_ Google Analytics ID: UA-25138211-2

| http-email-harvest:

| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=www.uniteblue.com

| community@uniteblue.com

| zach@uniteblue.com

| UniteBlue@gmail.com

| stateleg@uniteblue.com

|_ info@uniteblue.com

| http-php-version: Logo query returned unknown hash 858820d9f5ee72fe2cce3d63e918ce03

| Versions from credits query (more accurate): 5.3.9 - 5.3.18

|_Version from header x-powered-by: PHP/5.3.18

| http-robots.txt: 1 disallowed entry

|_/code/

| http-sitemap-generator:

| Directory structure:

| /

| Other: 1

| /community/

| Other: 1

| /css/

| css: 1

| /images/

| png: 9

| /info/about/

| Other: 1

| /js/

| js: 3

| Longest directory structure:

| Depth: 2

| Dir: /info/about/

| Total files found (by extension):

|_ Other: 3; css: 1; js: 3; png: 9

| http-vhosts:

| 27 names had status 200

|_www.uniteblue.com : 301 -> http://uniteblue.com/

|_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php

443/tcp open ssl/https?

| http-php-version: Versions from credits query (more accurate): 5.3.9 - 5.3.18

|_Version from header x-powered-by: PHP/5.3.18

| http-robots.txt: 1 disallowed entry

|_/

| http-sitemap-generator:

| Directory structure:

| Longest directory structure:

| Depth: 0

| Dir: /

| Total files found (by extension):

|_

| http-vhosts:

|_28 names had status 200

|_http-wordpress-enum: [Error] Wordpress installation was not found. We couldn't find wp-login.php

| ssl-cert: Subject: commonName=localhost.localdomain/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=--/localityName=SomeCity/organizationalUnitName=SomeOrganizationalUnit/emailAddress=root@localhost.localdomain

| Issuer: commonName=localhost.localdomain/organizationName=SomeOrganization/stateOrProvinceName=SomeState/countryName=--/localityName=SomeCity/organizationalUnitName=SomeOrganizationalUnit/emailAddress=root@localhost.localdomain

| Public Key type: rsa

| Public Key bits: 1024

| Not valid before: 2011-11-17T13:14:25+00:00

| Not valid after: 2012-11-16T13:14:25+00:00

| MD5: e7c4 db89 7c3d 8bef 372f 200d 164f d298

| SHA-1: 0a2b bc5f f6a8 bc40 1231 bd6e f1c8 00b9 e1dc 01ce

873/tcp open rsync (protocol version 30)

|_banner: @RSYNCD: 30.0

3306/tcp open mysql MySQL 5.5.27-log

| banner: N\x00\x00\x00\x0A5.5.27-log\x00F\x81\x00\x00y.rx#BdO\x00\xFF\xF

| 7\x08\x02\x00\x0F\x80\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?/lS
|_HP9l4]\x00mysql_native_password\x00

| mysql-audit:

|_ No audit rulebase file was supplied (see mysql-audit.filename)

| mysql-brute:

| Accounts

| No valid accounts found

| Statistics

|_ Performed 2611 guesses in 666 seconds, average tps: 3

| mysql-info: Protocol: 10

| Version: 5.5.27-log

| Thread ID: 36904

| Some Capabilities: Long Passwords, Connect with DB, Compress, ODBC, Transactions, Secure Connection

| Status: Autocommit

|_Salt: v;_NJfDb

|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)

2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :



Host script results:

| dns-blacklist:

| ATTACK

| all.bl.blocklist.de - FAIL

| SPAM

| list.quorum.to - FAIL

| bl.spamcop.net - FAIL

| all.spamrats.com - FAIL

| sbl.spamhaus.org - FAIL

| dnsbl.inps.de - FAIL

| bl.nszones.com - FAIL

| spam.dnsbl.sorbs.net - FAIL

| l2.apews.org - FAIL

| dnsbl.ahbl.org - FAIL

| PROXY

| dnsbl.tornevall.org - FAIL

| misc.dnsbl.sorbs.net - FAIL

| http.dnsbl.sorbs.net - FAIL

| dnsbl.ahbl.org - FAIL

| tor.dan.me.uk - FAIL

|_ socks.dnsbl.sorbs.net - FAIL

| dns-brute:

| DNS Brute-force hostnames

|_ No results.

|_firewall-bypass: false

|_hostmap-bfk: Error: found no hostnames but not the marker for "no hostnames found" (pattern error?)

|_hostmap-robtex: ERROR: Script execution failed (use -d to debug)

| ip-geolocation-geobytes:

| latitude: 35.5822

| longitude: -80.8122

| city: Mooresville

| region: North Carolina

|_ country: United States

|_ip-geolocation-geoplugin: ERROR: Script execution failed (use -d to debug)

|_ip-geolocation-maxmind: ERROR: Script execution failed (use -d to debug)

| whois: Record found at whois.arin.net

| netrange: 69.174.240.0 - 69.174.255.255

| netname: SERVER-ALLOC-1

| orgname: ServerBeach

| orgid: SERVER-17

| country: US stateprov: TX

|

| orgtechname: IP Admin

|_orgtechemail: ipadmin@serverbeach.com



NSE: Script Post-scanning.

NSE: Starting runlevel 1 (of 3) scan.

Initiating NSE at 20:15

Completed NSE at 20:15, 0.00s elapsed

NSE: Starting runlevel 2 (of 3) scan.

NSE: Starting runlevel 3 (of 3) scan.

Post-scan script results:

| reverse-index:

| 22/tcp: 69.174.246.134

| 80/tcp: 69.174.246.134

| 443/tcp: 69.174.246.134

| 873/tcp: 69.174.246.134

|_ 3306/tcp: 69.174.246.134

Read data files from: C:\Program Files (x86)\Nmap

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2154.02 seconds

Raw packets sent: 104 (4.160KB) | Rcvd: 0 (0B)
