Friday, 7 September 2012

Information Gathering IS2C-DOJO.COM

Posted at 23:09

Information Gathering

[+] Target : http://is2c-dojo.com
[+] Result
  [-] IP Address : 108.162.199.80
  [-] CMS        : WordPress
  [-] Themes     : Coffee Break 2.4.2
  [-] Server     : Linux 2.6.18
  [-] Webserver  : Nginx
  [-] Open Port  : 80 and 8080
  [-] Cloudflare :
      • ivan.ns.cloudflare.com
      • rita.ns.cloudflare.com
  [-] Mail       : aspmx.l.google.com




    Active Scanning

    Scanning using NMAP
    root@bt # nmap -sS -A 108.162.199.80
    nmap is a network scanner
    -sS is the option for a TCP SYN scan (stealth mode)
    -A is the option that enables OS detection, version detection, script scanning and traceroute
    108.162.199.80 is the IP address of IS2C-dojo.com

    Nmap scan report for 108.162.199.80
    Host is up (0.21s latency).
    Not shown: 996 filtered ports
    PORT     STATE  SERVICE   VERSION
    80/tcp   open   http      cloudflare-nginx
    443/tcp  closed https
    8080/tcp open   http      cloudflare-nginx
    8443/tcp closed https-alt
    Device type: storage-misc
    Running: Linksys Linux 2.6.X
    OS CPE: cpe:/o:linux:kernel:2.6.18
    OS details: Linux 2.6.18
    Network Distance: 10 hops

    TRACEROUTE (using port 443/tcp)
    HOP RTT       ADDRESS
    1   112.32 ms 192.168.1.1
    2   86.35 ms  10.20.30.85
    3   ...
    4   277.67 ms 10.20.161.37
    5   278.70 ms 202.70.56.49
    6   76.32 ms  202.70.56.17
    7   117.10 ms ip-179-125.moratelindo.co.id (202.43.179.125)
    8   130.09 ms supernet-08.1-1-19.edge2-eqx-sin.moratelindo.co.id (202.43.176.114)
    9   280.93 ms 202.79.197.132
    10  280.07 ms 108.162.199.80
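
Both open ports in the report above answer with a cloudflare-nginx banner, and the scanned address sits in a Cloudflare range, so the port list and OS guess describe Cloudflare's edge proxy rather than the site's own server. The added example below (not part of the original post) parses the port table and makes that check; the CIDR is one of Cloudflare's published IPv4 ranges, hard-coded here as an assumption, and the function names are illustrative.

```python
import ipaddress
import re

# One of Cloudflare's published IPv4 ranges (assumption: still current;
# the authoritative list is at https://www.cloudflare.com/ips/).
CLOUDFLARE_NETS = [ipaddress.ip_network("108.162.192.0/18")]

# Port table copied from the nmap report in this post.
NMAP_REPORT = """\
Nmap scan report for 108.162.199.80
PORT     STATE  SERVICE   VERSION
80/tcp   open   http      cloudflare-nginx
443/tcp  closed https
8080/tcp open   http      cloudflare-nginx
8443/tcp closed https-alt
"""

PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")
HOST_LINE = re.compile(r"^Nmap scan report for (?:\S+ \()?([\d.]+)\)?$")


def parse_report(text):
    """Return (host_ip, [port dicts]) from nmap normal-format output."""
    host, ports = None, []
    for line in map(str.strip, text.splitlines()):
        if m := HOST_LINE.match(line):
            host = m.group(1)
        elif m := PORT_LINE.match(line):
            ports.append({"port": int(m.group(1)), "proto": m.group(2),
                          "state": m.group(3), "service": m.group(4),
                          "version": m.group(5).strip()})
    return host, ports


def behind_cdn(host, ports):
    """True when the scanned address or any service banner is Cloudflare's."""
    in_range = any(ipaddress.ip_address(host) in n for n in CLOUDFLARE_NETS)
    banner = any("cloudflare" in p["version"].lower() for p in ports)
    return in_range or banner


def summarize(text):
    host, ports = parse_report(text)
    open_ports = [p["port"] for p in ports if p["state"] == "open"]
    return {"host": host, "open": open_ports, "cdn_edge": behind_cdn(host, ports)}


if __name__ == "__main__":
    print(summarize(NMAP_REPORT))
```
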


    Scanning using Netifera

    1. Add your target to the target form, for example is2c-dojo.com, and then press the "+" button.
    2. Right-click your target in the left column and select the options you want.
    3. Watch the right column for progress and the left column for results.


    Scanning using WhatWeb, by running this command:
    ./whatweb -v is2c-dojo.com
    Result:
    URL    : http://is2c-dojo.com
    Status : 200
       Cookies --------------------------------------------------------------------
            Description: Display the names of cookies in the HTTP headers. The
                         values are not returned to save on space.
            String     : wfvt_1801216213
            String     : __cfduid

       Country --------------------------------------------------------------------
            Description: Shows the country the IPv4 address belongs to. This uses
                         the GeoIP IP2Country database from 
                         http://software77.net/geo-ip/. Instructions on updating the 
                         database are in the plugin comments. 
            String     : UNITED STATES
            Module     : US
    
       Frame ----------------------------------------------------------------------
            Description: This plugin detects instances of frame and iframe HTML 
                         elements. 
    
       HTTPServer -----------------------------------------------------------------
            Description: HTTP server header string. This plugin also attempts to 
                         identify the operating system from the server header. 
            String     : cloudflare-nginx (from server string)
    
       IP -------------------------------------------------------------------------
            Description: IP address of the target, if available. 
            String     : 108.162.199.180
    
       JQuery ---------------------------------------------------------------------
            Description: Javascript library 
            Version    : 1.7.2,2866
    
       MetaGenerator --------------------------------------------------------------
            Description: This plugin identifies meta generator tags and extracts its 
                         value. 
            String     : Coffee Break 2.4.2,WooFramework 5.3.12
    
       Title ----------------------------------------------------------------------
            Description: The HTML page title 
            String     : IS2C | Information Security Shinobi Camp (from page title)
    
       UncommonHeaders ------------------------------------------------------------
            Description: Uncommon HTTP server headers. The blacklist includes all 
                         the standard headers and many non standard but common ones. 
                         Interesting but fairly common headers should have their own 
                         plugins, eg. x-powered-by, server and x-aspnet-version. 
                         Info about headers can be found at www.http-stats.com 
            String     : x-pingback,link (from headers)
    
       WooFramework ---------------------------------------------------------------
            Description: WooFramework - theme framework - 
                         http://www.woothemes.com/wooframework/ 
            Version    : 5.3.12
    
       WordPress ------------------------------------------------------------------
            Description: WordPress is an opensource blogging system commonly used as 
                         a CMS. Homepage: http://www.wordpress.org/ 
    
       X-Cache --------------------------------------------------------------------
            Description: This plugin identifies the X-Cache HTTP header and extracts 
                         the value. 
            String     : proxy.xxxx.xx.xx
    
       cloudflare -----------------------------------------------------------------
            Description: ClouldFlare - https://www.cloudflare.com/ 
    
       x-pingback -----------------------------------------------------------------
            Description: A pingback is one of three types of linkbacks, methods for 
                         Web authors to request notification when somebody links to 
                         one of their documents. This enables authors to keep track 
                         of who is linking to, or referring to their articles. Some 
                         weblog software, such as Movable Type, Serendipity, 
                         WordPress and Telligent Community, support automatic 
                         pingbacks 
            String     : http://is2c-dojo.com/xmlrpc.php
    

    Scanning using Dmitry
    root@bt# dmitry -w is2c-dojo.com
    Result:
    Deepmagic Information Gathering Tool
    "There be some deep magic going on"
    
    HostIP:108.162.199.180
    HostName:is2c-dojo.com
    
    Gathered Inic-whois information for is2c-dojo.com
    ---------------------------------
       Domain Name: IS2C-DOJO.COM
       Registrar: CV. JOGJACAMP
       Whois Server: whois.resellercamp.com
       Referral URL: http://www.resellercamp.com
       Name Server: IVAN.NS.CLOUDFLARE.COM
       Name Server: RITA.NS.CLOUDFLARE.COM
       Status: clientTransferProhibited
       Updated Date: 01-jun-2012
       Creation Date: 14-jan-2012
       Expiration Date: 14-jan-2013
    
    >>> Last update of whois database: Mon, 10 Sep 2012 06:33:46 UTC <<<
    
    Passive Scanning

    1. Visual Tracert http://www.yougetsignal.com/tools/visual-tracert/
    2. Reverse Email Lookup http://www.spokeo.com/email-search/search?e=pendaftaran@is2c-dojo.com&g=email_A6417972546
    3. Reverse IP Domain Check http://www.yougetsignal.com/tools/web-sites-on-web-server/
    4. Whois Lookup http://www.yougetsignal.com/tools/whois-lookup/
       Creation Date: 14-Jan-2012
       Expiration Date: 14-Jan-2013
       Domain servers in listed order:
       ivan.ns.cloudflare.com
       rita.ns.cloudflare.com
    5. Scan using Robtex.com http://www.robtex.com/dns/is2c-dojo.com.html
    6. Info from IS2C-DOJO.com: Jl. Raya Janti Ex-BRI Janti Seberang Pasar Angkasa Ring Road Timur Bantul, Yogyakarta 55198 Phone: +6287890364555, Email: pendaftaran[at]is2c-dojo.com
