We Are Anonymous
We Are Legion
We Do not Forget
We do not ForGive
Expect us.
 
Rise of the Hacktivist
 
 
www.bezeqint.net  Israel isp Provider > Exploitation @ 45%
 
IP ADDRESS:  212.179.240.8
--
rDNS record for 212.179.240.8: bzq-240-8.red.bezeqint.net
PORT     STATE    SERVICE
80/tcp   open     http
443/tcp  open     https
---/   
Server Type:    BigIP
---
HTTP Headers for www.bezeqint.net
==============
 
HTTP/1.0 301 Moved Permanently
Location: https://www.bezeqint.net/
Server: BigIP
Connection: close
Content-Length: 0
---
Name Servers – bezeqint.net
                         
Location                   IP
 
ns1.bezeqint.net     62.219.128.128
-
scan report for ns1.bezeqint.net (62.219.128.128)
Host is up (0.090s latency).
PORT     STATE    SERVICE
22/tcp   open     ssh
53/tcp   open     domain
80/tcp   open     http
----/
 
ns2.bezeqint.net     212.179.7.7
-
scan report for ns2.bezeqint.net (212.179.7.7)
Host is up (0.11s latency).
PORT     STATE    SERVICE
22/tcp   open     ssh
53/tcp   open     domain
80/tcp   open     http
----/
 
ns3.bezeqint.net    192.115.132.132
-
scan report for ns3.bezeqint.net (192.115.132.132)
Host is up (0.12s latency).
PORT     STATE    SERVICE
22/tcp   open     ssh
53/tcp   open     domain
80/tcp   open     http
-------------------------------------------/
-------------------------------------------/
EXPLOITS TO www.bezeqint.net (212.179.240.8
-
Server:Unknown
IP Address:212.179.240.8
Port:443
Hostname:www.bezeqint.net
-
Server does not use secure renegotiation settings
Site is more vulnerable to Denial of Service (DOS) attacks
-
Sessions may be vulnerable to BEAST attack
Attackers may be able to decrypt the encrypted SSL traffic
-
Server has not enabled HTTP Strict-Transport-Security
Users may be exposed to man-in-the-middle attacks
-
Server may have sent unnecessary certificates in the SSL/TLS negotiation
Users may experience slower performance
-
Server has not yet upgraded to a Extended Validation certificate
Increase customer confidence by offering visitors the highest level of assurance.
---
 
SSL Configuration
 
Secure renegotiation configured:Fail
BEAST Vulnerability:Fail
OCSP Stapling:Fail
-
HTTP Tests:
 
Strict Transport Security:Fail
Mixed Content (HTTP and HTTPS):Timed Out
Domain name resolves to IPv4 address:Pass
Domain name resolves to IPv6 address:Fail
---
 
EXPLOITS TO www.bezeqint.net (212.179.240.156
 
Server:BigIP
IP Address:212.179.240.156
Port:443
Hostname:www.bezeqint.net
-
Server does not use secure renegotiation settings
Site is more vulnerable to Denial of Service (DOS) attacks
-
Sessions may be vulnerable to BEAST attack
Attackers may be able to decrypt the encrypted SSL traffic
-
Server has not enabled HTTP Strict-Transport-Security
Users may be exposed to man-in-the-middle attacks
-
Server may have sent unnecessary certificates in the SSL/TLS negotiation
Users may experience slower performance
---
 
SSL Configuration
 
Secure renegotiation configured:Fail
BEAST Vulnerability:Fail
OCSP Stapling:Fail
-
HTTP Tests:
 
Strict Transport Security:Fail
Mixed Content (HTTP and HTTPS):Timed Out
Domain name resolves to IPv4 address:Pass
Domain name resolves to IPv6 address:Fail
-----
---------------------------------------------------------------------------
+ Target IP:          212.179.240.8
+ Target Hostname:    www.bezeqint.net
+ Target Port:        80
+ Start Time:         2015-04-14 05:33:35 (GMT-4)
---------------------------------------------------------------------------
+ Server: BigIP
+ Root page / redirects to: https://www.bezeqint.net/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ OSVDB-3233: /iissamples/sdk/asp/docs/codebrw2.asp: This is a default IIS script/file that should be removed. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
+ OSVDB-3233: /iissamples/sdk/asp/docs/codebrws.asp: This is a default IIS script/file that should be removed. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
+ OSVDB-3233: /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
+ OSVDB-3284: /iissamples/sdk/asp/docs/Winmsdp.exe?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example Winmsdp.exe file. Remove all default files from the web root. CVE-1999-0738. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
+ OSVDB-789: /iissamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/default.asp: IIS may be vulnerable to source code viewing via the example CodeBrws.asp file. Remove all default files from the web root. CVE-1999-0739. http://www.microsoft.com/technet/security/bulletin/MS99-013.asp.
+ 6474 items checked: 310 error(s) and 5 item(s) reported on remote host
+ End Time:           2015-04-14 06:25:16 (GMT-4) (3101 seconds)
---------------------------------------------------------------------------
 
The URL "http://www.bezeqint.net/" has the following allowed methods, which include DAV methods: *, ACL, BASELINE_CONTROL, CHECKIN, CHECKOUT, COPY, DEBUG, GET, HEAD, INDEX, INVALID, INVOKE, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKDIR, MKWORKSPACE, MOVE, NOTIFY, OPTIONS, PATCH, PIN, POLL, POST, PROPFIND, PROPPATCH, REPLY, REPORT, RMDIR, SEARCH, SHOWMETHOD, SPACEJUMP, SUBSCRIBE, SUBSCRIPTIONS, TEXTSEARCH, TRACE, TRACK, UNCHECKOUT, UNLINK, UNLOCK, UNSUBSCRIBE, VERSION_CONTROL.
---
 
The whole target has no protection (X-Frame-Options header) against ClickJacking attack
-
The target site has no DNS wildcard, and the contents of http://bezeqint.net differ from the contents of http://www.bezeqint.net.
-
The mail account: "i.regev@bezeqint.net" was found in the MIT PKS server.
-
X89 email accounts :
 
The mail account: "botesazan@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "alex501@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "aw@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "anatoly12@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "ns_golojo@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "roolf@bezeqint.net" was found in the MIT PKS server
-
The mail account: "eds4785@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "levis5@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "roadrage@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "yehudi1@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "talreg@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "zivel@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "hnoti@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "danarmak@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "eranyahav@bezeqint.net" was found in the MIT PKS server.
-
The mail account: "shaul_kedem@bezeqint.net" was found in the MIT PKS server
-----