"BEZEQINT.NET EXPLOITATION" By Sneakyone12 (https://pastebin.com/u/Sneakyone12) URL: https://pastebin.com/504YuvFR Created on: Tuesday 14th of April 2015 06:44:41 AM CDT Retrieved on: Saturday 31 of October 2020 06:10:33 AM UTC We Are Anonymous We Are Legion We Do not Forget We do not ForGive Expect us. Rise of the Hacktivist www.bezeqint.net Israel isp Provider > Exploitation @ 45% IP ADDRESS: 212.179.240.8 -- rDNS record for 212.179.240.8: bzq-240-8.red.bezeqint.net PORT STATE SERVICE 80/tcp open http 443/tcp open https ---/ Server Type: BigIP --- HTTP Headers for www.bezeqint.net ============== HTTP/1.0 301 Moved Permanently Location: https://www.bezeqint.net/ Server: BigIP Connection: close Content-Length: 0 --- Name Servers – bezeqint.net Location IP ns1.bezeqint.net 62.219.128.128 - scan report for ns1.bezeqint.net (62.219.128.128) Host is up (0.090s latency). PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http ----/ ns2.bezeqint.net 212.179.7.7 - scan report for ns2.bezeqint.net (212.179.7.7) Host is up (0.11s latency). PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http ----/ ns3.bezeqint.net 192.115.132.132 - scan report for ns3.bezeqint.net (192.115.132.132) Host is up (0.12s latency). PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http -------------------------------------------/ -------------------------------------------/ EXPLOITS TO www.bezeqint.net (212.179.240.8 - Server:Unknown IP Address:212.179.240.8 Port:443 Hostname:www.bezeqint.net - Server does not use secure renegotiation settings Site is more vulnerable to Denial of Service (DOS) attacks - Sessions may be vulnerable to BEAST attack Attackers may be able to decrypt the encrypted SSL traffic - Server has not enabled HTTP Strict-Transport-Security Users may be exposed to man-in-the-middle attacks - Server may have sent unnecessary certificates in the SSL/TLS negotiation Users may experience slower performance - Server has not yet upgraded to a Extended Validation certificate Increase customer confidence by offering visitors the highest level of assurance. --- SSL Configuration Secure renegotiation configured:Fail BEAST Vulnerability:Fail OCSP Stapling:Fail - HTTP Tests: Strict Transport Security:Fail Mixed Content (HTTP and HTTPS):Timed Out Domain name resolves to IPv4 address:Pass Domain name resolves to IPv6 address:Fail --- EXPLOITS TO www.bezeqint.net (212.179.240.156 Server:BigIP IP Address:212.179.240.156 Port:443 Hostname:www.bezeqint.net - Server does not use secure renegotiation settings Site is more vulnerable to Denial of Service (DOS) attacks - Sessions may be vulnerable to BEAST attack Attackers may be able to decrypt the encrypted SSL traffic - Server has not enabled HTTP Strict-Transport-Security Users may be exposed to man-in-the-middle attacks - Server may have sent unnecessary certificates in the SSL/TLS negotiation Users may experience slower performance --- SSL Configuration Secure renegotiation configured:Fail BEAST Vulnerability:Fail OCSP Stapling:Fail - HTTP Tests: Strict Transport Security:Fail Mixed Content (HTTP and HTTPS):Timed Out Domain name resolves to IPv4 address:Pass Domain name resolves to IPv6 address:Fail ----- --------------------------------------------------------------------------- + Target IP: 212.179.240.8 + Target Hostname: www.bezeqint.net + Target Port: 80 + Start Time: 2015-04-14 05:33:35 (GMT-4) --------------------------------------------------------------------------- + Server: BigIP + Root page / redirects to: https://www.bezeqint.net/ + No CGI Directories found (use '-C all' to force check all possible dirs) + OSVDB-3233: /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file that should be removed. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. + OSVDB-3233: /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file that should be removed. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. + OSVDB-3233: /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. + OSVDB-3284: /iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example Winmsdp.exe file. Remove all default files from the web root. CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. + OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp. + 6474 items checked: 310 error(s) and 5 item(s) reported on remote host + End Time: 2015-04-14 06:25:16 (GMT-4) (3101 seconds) --------------------------------------------------------------------------- The URL "http://www.bezeqint.net/" has the following allowed methods, which include DAV methods: *, ACL, BASELINE_CONTROL, CHECKIN, CHECKOUT, COPY, DEBUG, GET, HEAD, INDEX, INVALID, INVOKE, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKDIR, MKWORKSPACE, MOVE, NOTIFY, OPTIONS, PATCH, PIN, POLL, POST, PROPFIND, PROPPATCH, REPLY, REPORT, RMDIR, SEARCH, SHOWMETHOD, SPACEJUMP, SUBSCRIBE, SUBSCRIPTIONS, TEXTSEARCH, TRACE, TRACK, UNCHECKOUT, UNLINK, UNLOCK, UNSUBSCRIBE, VERSION_CONTROL. --- The whole target has no protection (X-Frame-Options header) against ClickJacking attack - The target site has no DNS wildcard, and the contents of http://bezeqint.net differ from the contents of http://www.bezeqint.net. - The mail account: "i.regev@bezeqint.net" was found in the MIT PKS server. - X89 email accounts : The mail account: "botesazan@bezeqint.net" was found in the MIT PKS server. - The mail account: "alex501@bezeqint.net" was found in the MIT PKS server. - The mail account: "aw@bezeqint.net" was found in the MIT PKS server. - The mail account: "anatoly12@bezeqint.net" was found in the MIT PKS server. - The mail account: "ns_golojo@bezeqint.net" was found in the MIT PKS server. - The mail account: "roolf@bezeqint.net" was found in the MIT PKS server - The mail account: "eds4785@bezeqint.net" was found in the MIT PKS server. - The mail account: "levis5@bezeqint.net" was found in the MIT PKS server. - The mail account: "roadrage@bezeqint.net" was found in the MIT PKS server. - The mail account: "yehudi1@bezeqint.net" was found in the MIT PKS server. - The mail account: "talreg@bezeqint.net" was found in the MIT PKS server. - The mail account: "zivel@bezeqint.net" was found in the MIT PKS server. - The mail account: "hnoti@bezeqint.net" was found in the MIT PKS server. - The mail account: "danarmak@bezeqint.net" was found in the MIT PKS server. - The mail account: "eranyahav@bezeqint.net" was found in the MIT PKS server. - The mail account: "shaul_kedem@bezeqint.net" was found in the MIT PKS server -----