Что то сомнеия меня берут насчёт Киберберкута.
Мне чото так кажется, что Киберберкут, это очередная лажа. И мало того, их могли организавать, для ловли некомпетентных жителей Украины. Вот типа такой провокации. Надо будет ребят подцепить, если заинтересуются и раздербанить енту контору. Это ханипот, для наивных. Ханипот, - переводится, как горшочек с мёдом, для ловли наивных. Хотя, по некоторым результатам заброса, при наличии того, что никакого ответа никто не дождался, делаем выводы. Далее, если хозяева сайта не хотят отвечать, значит они устроят так, чтоб у сайта не было связи с обраткой. А ети сделали. Но ни одному, ответ не пришел.
Напрашиваются вопросы: нахрена обратная связь ?
Не хотите общаться Робингуды, значит отключите от сайта эту функцию. Вот так укровские и ловят наивных, кто им осмелился написать с жалобами на нацистов.
Ребят! Давайте проверим этот сайт на вшивость! Тут уже не мошенничество, где деньги теряют, некоторые неосторажны - могут потерять ЖИЗНЬ! Этот сайт надо проверить! Поснифать и распотрошить его по возможности.
Пока такие данные. Спать пошла.
####################################
# Uniscan project #
# http://uniscan.sourceforge.net/ #
####################################
V. 6.2
Scan date: 15-10-2014 1:22:28
===================================================================================================
| Domain: http://lhttp://cyber-berkut.org/
| IP:
===================================================================================================
===================================================================================================
Scan end date: 15-10-2014 1:22:28
HTML report saved in: report/lhttp:.html
####################################
# Uniscan project #
# http://uniscan.sourceforge.net/ #
####################################
V. 6.2
Scan date: 15-10-2014 1:22:51
===================================================================================================
| Domain: http://lhttp://cyber-berkut.org/
| IP:
===================================================================================================
===================================================================================================
| Looking for Drupal plugins/modules
|
| BANNER GRABBING:
===================================================================================================
===================================================================================================
| PING
|
===================================================================================================
| TRACEROUTE
|
===================================================================================================
| NSLOOKUP
|
| Server: 109.195.48.1
| Address: 109.195.48.1#53
|
| ** server can't find lhttp:: NXDOMAIN
===================================================================================================
| NMAP
|
|
| Starting Nmap 6.46 ( http://nmap.org ) at 2014-10-15 01:22 UTC
| NSE: Loaded 118 scripts for scanning.
| NSE: Script Pre-scanning.
| NSE: Script Post-scanning.
| Read data files from: /usr/bin/../share/nmap
| Nmap done: 0 IP addresses (0 hosts up) scanned in 1.57 seconds
| Raw packets sent: 0 (0B) | Rcvd: 0 (0B)
===================================================================================================
|
| Directory check:
| Skipped because http://lhttp://cyber-berkut.org/uniscan641/ did not return the code 404
===================================================================================================
|
| File check:
| Skipped because http://lhttp://cyber-berkut.org/uniscan697/ did not return the code 404
===================================================================================================
|
| Check robots.txt:
|
| Check sitemap.xml:
===================================================================================================
|
| Crawler Started:
| Plugin name: FCKeditor upload test v.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Upload Form Detect v.1.1 Loaded.
| Plugin name: Code Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1.1 Loaded.
| Plugin name: External Host Detect v.1.2 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| [+] Crawling finished, 1 URL's found!
|
| FCKeditor File Upload:
|
| Timthumb:
|
| File Upload Forms:
|
| Source Code Disclosure:
|
| E-mails:
|
| External hosts:
|
| PHPinfo() Disclosure:
|
| Web Backdoors:
|
| Ignored Files:
===================================================================================================
| Dynamic tests:
| Plugin name: Learning New Directories v.1.2 Loaded.
| Plugin name: FCKedior tests v.1.1 Loaded.
| Plugin name: Timthumb <= 1.32 vulnerability v.1 Loaded.
| Plugin name: Find Backup Files v.1.2 Loaded.
| Plugin name: Blind SQL-injection tests v.1.3 Loaded.
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: PHP CGI Argument Injection v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.2 Loaded.
| Plugin name: SQL-injection tests v.1.2 Loaded.
| Plugin name: Cross-Site Scripting tests v.1.2 Loaded.
| Plugin name: Web Shell Finder v.1.3 Loaded.
| [+] 0 New directories added
|
|
| FCKeditor tests:
| Skipped because http://lhttp://cyber-berkut.org/testing123 did not return the code 404
|
|
| Timthumb < 1.33 vulnerability:
|
|
| Backup Files:
| Skipped because http://lhttp://cyber-berkut.org/testing123 did not return the code 404
|
|
| Blind SQL Injection:
|
|
| Local File Include:
|
|
| PHP CGI Argument Injection:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
|
|
| SQL Injection:
|
|
| Cross-Site Scripting (XSS):
|
|
| Web Shell Finder:
===================================================================================================
| Static tests:
| Plugin name: Local File Include tests v.1.1 Loaded.
| Plugin name: Remote Command Execution tests v.1.1 Loaded.
| Plugin name: Remote File Include tests v.1.1 Loaded.
|
|
| Local File Include:
|
|
| Remote Command Execution:
|
|
| Remote File Include:
===================================================================================================
Scan end date: 15-10-2014 1:23:16
HTML report saved in: report/lhttp:.html
Комментарии
А про косяки на Киберберкут, можно поподробнее?
Поищу ещё - закину сюда.