https://pastein.ru/t/xC
скопируйте уникальную ссылку для отправки
| Completed NSE at 19:28, 0.00s elapsed
| Initiating NSE at 19:28
| Completed NSE at 19:28, 0.00s elapsed
| Initiating NSE at 19:28
| Completed NSE at 19:28, 0.00s elapsed
| Initiating Ping Scan at 19:28
| Scanning sgo.cit73.ru (89.239.135.148) [4 ports]
| Completed Ping Scan at 19:28, 3.04s elapsed (1 total hosts)
| Nmap scan report for sgo.cit73.ru (89.239.135.148) [host down]
| NSE: Script Post-scanning.
| Initiating NSE at 19:28
| Completed NSE at 19:28, 0.00s elapsed
| Initiating NSE at 19:28
| Completed NSE at 19:28, 0.00s elapsed
| Initiating NSE at 19:28
| Completed NSE at 19:28, 0.00s elapsed
| Read data files from: /usr/bin/../share/nmap
| Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
| Nmap done: 1 IP address (0 hosts up) scanned in 4.71 seconds
| Raw packets sent: 6 (224B) | Rcvd: 0 (0B)
===================================================================================================
|
| Directory check:
| [+] CODE: 200 URL: http://sgo.cit73.ru/Help/
| [+] CODE: 200 URL: http://sgo.cit73.ru/help/
===================================================================================================
|
| File check:
| [+] CODE: 200 URL: http://sgo.cit73.ru/index.html
| [+] CODE: 200 URL: http://sgo.cit73.ru/robots.txt
===================================================================================================
|
| Check robots.txt:
| [+] User-agent: *
| [+] Disallow: /vendor/
| [+] Disallow: /static/
| [+] Disallow: /js/
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| [+] Crawling finished, 1038 URL's found!
|
| FCKeditor File Upload:
|
| Timthumb:
|
| File Upload Forms:
|
| Source Code Disclosure:
|
| E-mails:
| [+] E-mail Found: school@nd.ru
| [+] E-mail Found: abcde@corp.mail.ru
|
| External hosts:
|
| PHPinfo() Disclosure:
|
| Web Backdoors:
|
| Ignored Files:
| http://sgo.cit73.ru/static/dist/lng/language_ru_0.js?ver=4.50.48300.145
| http://sgo.cit73.ru/vendor/pages/about/css/start-page.min.css?ver=4.50.48300.145
| http://sgo.cit73.ru/static/dist/lng/language_ru.js?ver=4.50.48300.145
| http://sgo.cit73.ru/static/dist/common/js/core-scripts.min.js?ver=4.50.48300.145
| http://sgo.cit73.ru/vendor/pages/about/js/about.min.js?ver=4.50.48300.145
| http://sgo.cit73.ru/extras/about.css?ver=4.50.48300.145
| http://sgo.cit73.ru/vendor/pages/about/js/login.min.js?ver=4.50.48300.145
===================================================================================================
| Dynamic tests:
| Plugin name: Learning New Directories v.1.2 Loaded.
| Plugin name: FCKedior tests v.1.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Find Backup Files v.1.2 Loaded.
| Plugin name: Blind SQL-injection tests v.1.3 Loaded.
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.2 Loaded.
| Plugin name: SQL-injection tests v.1.2 Loaded.
| Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
| Plugin name: Web Shell Finder v.1.3 Loaded.
| [+] 7 New directories added
|
|
| FCKeditor tests:
|
|
| Timthumb < 1.33 vulnerability:
|
|
| Backup Files:
|
|
| Blind SQL Injection:
|
|
| Local File Include:
|
|
| PHP CGI Argument Injection:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
|
| SQL Injection:
|
|
| Cross-Site Scripting (XSS):
|
|
| Web Shell Finder:
===================================================================================================
| Static tests:
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.1 Loaded.
|
|
| Local File Include:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
===================================================================================================
| Stress tests:
| Plugin name: Mini Stress Test v.1.1 Loaded.
|
|
| Mini Stress Test:
| Looking for best cost:
| Cost: [1] http://sgo.cit73.ru/extras/css/
| Cost: [2] http://sgo.cit73.ru/vendor/startpage/files/
| Cost: [9] http://sgo.cit73.ru/help/editschoolsubject.htm
| Using http://sgo.cit73.ru/help/editschoolsubject.htm as target
