|
Penetration Testing
Brief Analysis of inj3ct0r.com Nov 04 2009 02:07PM Jon Kibler (Jon Kibler aset com) (1 replies) Re: Brief Analysis of inj3ct0r.com Nov 05 2009 01:33PM djamel djamel (djamel10 gmail com) (1 replies) |
|
|
Privacy Statement |
Inj3ct0r.com shows the output with a smtp having title "WAteam" and
the title at 80 port is also same. Also , site is not working right
now.
DO NOT SUBMIT/VISIT ANY 0day Exploit at this site.
Here is the nmap scan result for the inj3ct0r
Host 8.101.120.77.colo.static.dc.volia.com (77.120.101.8) appears to
be up ... good.
Interesting ports on 8.101.120.77.colo.static.dc.volia.com (77.120.101.8):
Not shown: 985 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp ProFTPD 1.3.0
|_ FTP bounce check: no banner
22/tcp open ssh OpenSSH 4.3p2 Debian 9etch3 (protocol 2.0)
25/tcp open smtp Postfix smtpd
|_ SMTPcommands: EHLO wateam.localdomain, PIPELINING, SIZE 10240000,
VRFY, ETRN, AUTH LOGIN PLAIN, AUTH=LOGIN PLAIN, ENHANCEDSTATUSCODES,
8BITMIME, 250 DSN
53/tcp open domain?
80/tcp open http Apache httpd 2.2.3 ((Debian))
|_ HTML title: WAteam server
110/tcp open pop3 Openwall popa3d
|_ POP3 Capabilites: capa
111/tcp filtered rpcbind
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
1720/tcp filtered H.323/Q.931
1723/tcp open pptp linux (Firmware: 1)
2049/tcp filtered nfs
3306/tcp open mysql MySQL 5.0.32-Debian_7etch11
| MySQL Server Information: Protocol: 10
| Version: 5.0.32-Debian_7etch11
| Thread ID: 33073
| Some Capabilities: Connect with DB, Compress, Transactions, Secure Connection
| Status: Autocommit
|_ Salt: vh'',G`/g<53>!'BS\Tq
12345/tcp filtered netbus
On Thu, Nov 5, 2009 at 8:33 PM, Jon Kibler <Jon.Kibler (at) aset (dot) com [email concealed]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> djamel djamel wrote:
>> is there any GOOD alternative other than packet storm???
>>
>
> Milw0rm will be back soon. See: "Milw0rm / Str0ke Not Dead" from yesterday.
>
> Jon
> - --
> Jon R. Kibler
> Chief Technical Officer
> Advanced Systems Engineering Technology, Inc.
> Charleston, SC USA
> o: 843-849-8214
> c: 843-813-2924
> s: 843-564-4224
> s: JonRKibler
> e: Jon.Kibler (at) aset (dot) com [email concealed]
> e: Jon.R.Kibler (at) gmail (dot) com [email concealed]
> http://www.linkedin.com/in/jonrkibler
>
> My PGP Fingerprint is:
> BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkry6VUACgkQUVxQRc85QlNqOACghARpS6VnO9g8YpQRV6vg0h6u
> Zp8An1bo+XKaOoGoPA9pkYPBtbWxkR7Y
> =96wx
> -----END PGP SIGNATURE-----
>
>
>
>
> ==================================================
> Filtered by: TRUSTEM.COM's Email Filtering Service
> http://www.trustem.com/
> No Spam. No Viruses. Just Good Clean Email.
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]