141 lines
5.2 KiB
Plaintext
141 lines
5.2 KiB
Plaintext
# Nmap 7.93 scan initiated Sat Jan 28 20:07:25 2023 as: nmap -vv --reason -Pn -T4 -sV -p 80 "--script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN /home/kali/htb/results/scans/tcp80/tcp_80_http_nmap.txt -oX /home/kali/htb/results/scans/tcp80/xml/tcp_80_http_nmap.xml 10.129.123.2
|
|
Nmap scan report for encoding.htb (10.129.123.2)
|
|
Host is up, received user-set (0.025s latency).
|
|
Scanned at 2023-01-28 20:07:26 CET for 160s
|
|
|
|
Bug in http-security-headers: no string output.
|
|
PORT STATE SERVICE REASON VERSION
|
|
80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 ((Ubuntu))
|
|
|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
|
|
|_http-mobileversion-checker: No mobile version detected.
|
|
|_http-server-header: Apache/2.4.52 (Ubuntu)
|
|
|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
|
|
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
|
|
| http-referer-checker:
|
|
| Spidering limited to: maxpagecount=30
|
|
| https://ajax.googleapis.com:443/ajax/libs/jquery/3.6.0/jquery.min.js
|
|
|_ https://maxcdn.bootstrapcdn.com:443/bootstrap/3.4.1/js/bootstrap.min.js
|
|
|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
|
|
|_http-fetch: Please enter the complete path of the directory to save data in.
|
|
|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
|
|
|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
|
|
|_http-feed: Couldn't find any feeds.
|
|
|_http-jsonp-detection: Couldn't find any JSONP endpoints.
|
|
|_http-csrf: Couldn't find any CSRF vulnerabilities.
|
|
| http-useragent-tester:
|
|
| Status for browser useragent: 200
|
|
| Allowed User Agents:
|
|
| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
|
|
| libwww
|
|
| lwp-trivial
|
|
| libcurl-agent/1.0
|
|
| PHP/
|
|
| Python-urllib/2.5
|
|
| GT::WWW
|
|
| Snoopy
|
|
| MFC_Tear_Sample
|
|
| HTTP::Lite
|
|
| PHPCrawl
|
|
| URI::Fetch
|
|
| Zend_Http_Client
|
|
| http client
|
|
| PECL::HTTP
|
|
| Wget/1.13.4 (linux-gnu)
|
|
|_ WWW-Mechanize/1.34
|
|
| http-headers:
|
|
| Date: Sat, 28 Jan 2023 19:07:19 GMT
|
|
| Server: Apache/2.4.52 (Ubuntu)
|
|
| Connection: close
|
|
| Content-Type: text/html; charset=UTF-8
|
|
|
|
|
|_ (Request type: HEAD)
|
|
| http-comments-displayer:
|
|
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=encoding.htb
|
|
|
|
|
| Path: http://encoding.htb:80/assets/css/main.css
|
|
| Line number: 29
|
|
| Comment:
|
|
| /* The textarea itself */
|
|
|
|
|
| Path: http://encoding.htb:80/assets/css/main.css
|
|
| Line number: 14
|
|
| Comment:
|
|
| /* Containing areas */
|
|
|
|
|
| Path: http://encoding.htb:80/assets/css/main.css
|
|
| Line number: 41
|
|
| Comment:
|
|
| /* The status bar */
|
|
|
|
|
| Path: http://encoding.htb:80/assets/css/main.css
|
|
| Line number: 1
|
|
| Comment:
|
|
| /* Import Google Font */
|
|
|
|
|
| Path: http://encoding.htb:80/assets/css/main.css
|
|
| Line number: 63
|
|
| Comment:
|
|
| /* The submit button */
|
|
|
|
|
| Path: http://encoding.htb:80/assets/css/main.css
|
|
| Line number: 4
|
|
| Comment:
|
|
|_ /* RESET */
|
|
|_http-dombased-xss: Couldn't find any DOM based XSS.
|
|
|_http-errors: Couldn't find any error pages.
|
|
| http-fileupload-exploiter:
|
|
|
|
|
| Couldn't find a file-type field.
|
|
|
|
|
|_ Couldn't find a file-type field.
|
|
| http-sitemap-generator:
|
|
| Directory structure:
|
|
| /
|
|
| Other: 1; php: 1
|
|
| /assets/css/
|
|
| css: 1
|
|
| /assets/img/
|
|
| png: 1
|
|
| /assets/js/
|
|
| js: 1
|
|
| Longest directory structure:
|
|
| Depth: 2
|
|
| Dir: /assets/img/
|
|
| Total files found (by extension):
|
|
|_ Other: 1; css: 1; js: 1; php: 1; png: 1
|
|
|_http-date: Sat, 28 Jan 2023 19:07:18 GMT; -18s from local time.
|
|
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|
|
| http-traceroute:
|
|
| HTML title
|
|
| Hop #1: 400 Proxy Error
|
|
| Hop #2: HaxTables
|
|
| Hop #3: HaxTables
|
|
| Status Code
|
|
| Hop #1: 400
|
|
| Hop #2: 200
|
|
| Hop #3: 200
|
|
| content-type
|
|
| Hop #1: text/html; charset=iso-8859-1
|
|
| Hop #2: text/html; charset=UTF-8
|
|
| Hop #3: text/html; charset=UTF-8
|
|
| content-length
|
|
| Hop #1: 424
|
|
| Hop #2
|
|
|_ Hop #3
|
|
|_http-title: HaxTables
|
|
|_http-malware-host: Host appears to be clean
|
|
| http-enum:
|
|
|_ /includes/: Potentially interesting folder
|
|
| http-php-version: Logo query returned unknown hash 6f7d4fa5b2f90ff61821fd1e824a06fa
|
|
|_Credits query returned unknown hash 6f7d4fa5b2f90ff61821fd1e824a06fa
|
|
|_http-config-backup: ERROR: Script execution failed (use -d to debug)
|
|
| http-methods:
|
|
|_ Supported Methods: GET HEAD POST OPTIONS
|
|
|_http-chrono: Request times for /; avg: 172.22ms; min: 158.15ms; max: 186.15ms
|
|
| http-vhosts:
|
|
|_128 names had status 200
|
|
|
|
Read data files from: /usr/bin/../share/nmap
|
|
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
|
|
# Nmap done at Sat Jan 28 20:10:06 2023 -- 1 IP address (1 host up) scanned in 160.94 seconds
|