simon/CTF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
82b0759f1e2d4df30661244ea3d6465057d00c5a
CTF/HTB/results/keeper.htb/scans/tcp80/tcp_80_http_nmap.txt
Simon 82b0759f1e init htb 
old htb folders
2023-08-29 21:53:22 +02:00

94 lines
4.1 KiB
Plaintext
Raw Blame History

# Nmap 7.93 scan initiated Tue Aug 29 21:01:43 2023 as: nmap -vv --reason -Pn -T4 -sV -p 80 "--script=banner,(http* or ssl*) and not (brute or broadcast or dos or external or http-slowloris* or fuzzer)" -oN /home/simon/CTF/HTB/results/keeper.htb/scans/tcp80/tcp_80_http_nmap.txt -oX /home/simon/CTF/HTB/results/keeper.htb/scans/tcp80/xml/tcp_80_http_nmap.xml keeper.htb
Nmap scan report for keeper.htb (10.10.11.227)
Host is up, received user-set (0.036s latency).
Scanned at 2023-08-29 21:01:46 CEST for 63s
Bug in http-security-headers: no string output.
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack nginx 1.18.0 (Ubuntu)
|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
|_http-referer-checker: Couldn't find any cross-domain scripts.
|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
| http-sitemap-generator:
| Directory structure:
| /
| Other: 1
| Longest directory structure:
| Depth: 0
| Dir: /
| Total files found (by extension):
|_ Other: 1
|_http-date: Tue, 29 Aug 2023 19:01:54 GMT; +1s from local time.
| http-useragent-tester:
| Status for browser useragent: 200
| Allowed User Agents:
| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
| libwww
| lwp-trivial
| libcurl-agent/1.0
| PHP/
| Python-urllib/2.5
| GT::WWW
| Snoopy
| MFC_Tear_Sample
| HTTP::Lite
| PHPCrawl
| URI::Fetch
| Zend_Http_Client
| http client
| PECL::HTTP
| Wget/1.13.4 (linux-gnu)
|_ WWW-Mechanize/1.34
|_http-jsonp-detection: Couldn't find any JSONP endpoints.
|_http-errors: Couldn't find any error pages.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
| http-methods:
|_ Supported Methods: GET HEAD
| http-headers:
| Server: nginx/1.18.0 (Ubuntu)
| Date: Tue, 29 Aug 2023 19:01:55 GMT
| Content-Type: text/html
| Content-Length: 149
| Last-Modified: Wed, 24 May 2023 14:04:44 GMT
| Connection: close
| ETag: "646e197c-95"
| Accept-Ranges: bytes
|
|_ (Request type: HEAD)
| http-php-version: Logo query returned unknown hash 24830e2d33064987e524816b6676af1d
|_Credits query returned unknown hash 24830e2d33064987e524816b6676af1d
|_http-malware-host: Host appears to be clean
| http-vuln-cve2011-3192:
| VULNERABLE:
| Apache byterange filter DoS
| State: VULNERABLE
| IDs: BID:49303 CVE:CVE-2011-3192
| The Apache web server is vulnerable to a denial of service attack when numerous
| overlapping byte ranges are requested.
| Disclosure date: 2011-08-19
| References:
| https://www.securityfocus.com/bid/49303
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
| https://www.tenable.com/plugins/nessus/55976
|_ https://seclists.org/fulldisclosure/2011/Aug/175
|_http-feed: Couldn't find any feeds.
|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
| http-vhosts:
|_128 names had status 200
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-comments-displayer: Couldn't find any comments.
|_http-fetch: Please enter the complete path of the directory to save data in.
|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
|_http-chrono: Request times for /; avg: 174.69ms; min: 161.80ms; max: 221.23ms
|_http-mobileversion-checker: No mobile version detected.
|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
|_http-title: Site doesn't have a title (text/html).
|_http-config-backup: ERROR: Script execution failed (use -d to debug)
|_http-dombased-xss: Couldn't find any DOM based XSS.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Tue Aug 29 21:02:49 2023 -- 1 IP address (1 host up) scanned in 65.96 seconds
Reference in New Issue View Git Blame Copy Permalink