simon/CTF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
109e1dd8fbeacb8a8fca4d7d14d323a05f3bb297
CTF/HTB/trick/results/scans/tcp80/tcp_80_http_nmap.txt
Simon 82b0759f1e init htb 
old htb folders
2023-08-29 21:53:22 +02:00

106 lines
4.5 KiB
Plaintext
Raw Blame History

# Nmap 7.93 scan initiated Sat Jan 21 18:40:18 2023 as: nmap -vv --reason -Pn -T4 -sV -p 80 "--script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN /home/simon/htb/trick/results/scans/tcp80/tcp_80_http_nmap.txt -oX /home/simon/htb/trick/results/scans/tcp80/xml/tcp_80_http_nmap.xml 10.129.227.180
Nmap scan report for trick.htb (10.129.227.180)
Host is up, received user-set (0.026s latency).
Scanned at 2023-01-21 18:40:20 UTC for 56s
Bug in http-security-headers: no string output.
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack nginx 1.14.2
| http-sitemap-generator:
| Directory structure:
| /
| Other: 1
| /assets/
| ico: 1
| /assets/mp4/
| mp4: 1
| /css/
| css: 1
| /js/
| js: 1
| Longest directory structure:
| Depth: 2
| Dir: /assets/mp4/
| Total files found (by extension):
|_ Other: 1; css: 1; ico: 1; js: 1; mp4: 1
|_http-errors: Couldn't find any error pages.
|_http-feed: Couldn't find any feeds.
| http-php-version: Logo query returned unknown hash e716b8bf5e0fdacb3997e7f14f599386
|_Credits query returned unknown hash e716b8bf5e0fdacb3997e7f14f599386
|_http-jsonp-detection: Couldn't find any JSONP endpoints.
| http-vhosts:
|_128 names had status 200
|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
| http-headers:
| Server: nginx/1.14.2
| Date: Sat, 21 Jan 2023 18:40:30 GMT
| Content-Type: text/html
| Content-Length: 5480
| Last-Modified: Wed, 23 Mar 2022 16:34:04 GMT
| Connection: close
| ETag: "623b4bfc-1568"
| Accept-Ranges: bytes
|
|_ (Request type: HEAD)
|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
|_http-favicon: Unknown favicon MD5: 556F31ACD686989B1AFCF382C05846AA
|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
|_http-fetch: Please enter the complete path of the directory to save data in.
|_http-mobileversion-checker: No mobile version detected.
|_http-comments-displayer: Couldn't find any comments.
|_http-date: Sat, 21 Jan 2023 18:40:29 GMT; +2s from local time.
| http-useragent-tester:
| Status for browser useragent: 200
| Allowed User Agents:
| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
| libwww
| lwp-trivial
| libcurl-agent/1.0
| PHP/
| Python-urllib/2.5
| GT::WWW
| Snoopy
| MFC_Tear_Sample
| HTTP::Lite
| PHPCrawl
| URI::Fetch
| Zend_Http_Client
| http client
| PECL::HTTP
| Wget/1.13.4 (linux-gnu)
|_ WWW-Mechanize/1.34
|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
|_http-config-backup: ERROR: Script execution failed (use -d to debug)
| http-vuln-cve2011-3192:
| VULNERABLE:
| Apache byterange filter DoS
| State: VULNERABLE
| IDs: CVE:CVE-2011-3192 BID:49303
| The Apache web server is vulnerable to a denial of service attack when numerous
| overlapping byte ranges are requested.
| Disclosure date: 2011-08-19
| References:
| https://www.tenable.com/plugins/nessus/55976
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
| https://www.securityfocus.com/bid/49303
|_ https://seclists.org/fulldisclosure/2011/Aug/175
|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
|_http-chrono: Request times for /; avg: 222.14ms; min: 163.13ms; max: 317.35ms
|_http-server-header: nginx/1.14.2
| http-referer-checker:
| Spidering limited to: maxpagecount=30
| https://cdn.jsdelivr.net:443/npm/bootstrap15.1.3/dist/js/bootstrap.bundle.min.js
| https://cdn.startbootstrap.com:443/sb-forms-0.4.1.js
|_ https://use.fontawesome.com:443/releases/v6.1.0/js/all.js
|_http-malware-host: Host appears to be clean
| http-methods:
|_ Supported Methods: GET HEAD
|_http-title: Coming Soon - Start Bootstrap Theme
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sat Jan 21 18:41:16 2023 -- 1 IP address (1 host up) scanned in 57.78 seconds
Reference in New Issue View Git Blame Copy Permalink