Well, this is probably the worst idea, but I have found the following;
[Only registered and activated users can see links. Click Here To Register...]
Ports 22, 25, 80, 110 show open
I have tried ftp anon login through port 80 and ssl anon login through port 22, however I'm no network guru.
I know these are file servers for the webhost but from this i have found;
The IP address of credit.91.com is 208.96.12.132
The IP address of co.91.com is 208.113.97.208
The IP address of vips.91.com is 208.96.12.132
[Only registered and activated users can see links. Click Here To Register...]
This last one will have all of the account logins.
The registered name for the servers is ; [Only registered and activated users can see links. Click Here To Register...]
the best i can get from a cgi test is;
#!/bin/sh
# disable filename globbing
set -f
echo "Content-type: text/plain; charset=iso-8859-1"
echo
echo CGI/1.0 test script report:
echo
echo argc is $#. argv is "$*".
echo
echo SERVER_SOFTWARE = $SERVER_SOFTWARE
echo SERVER_NAME = $SERVER_NAME
echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
echo SERVER_PROTOCOL = $SERVER_PROTOCOL
echo SERVER_PORT = $SERVER_PORT
echo REQUEST_METHOD = $REQUEST_METHOD
echo HTTP_ACCEPT = "$HTTP_ACCEPT"
echo PATH_INFO = "$PATH_INFO"
echo PATH_TRANSLATED = "$PATH_TRANSLATED"
echo SCRIPT_NAME = "$SCRIPT_NAME"
echo QUERY_STRING = "$QUERY_STRING"
echo REMOTE_HOST = $REMOTE_HOST
echo REMOTE_ADDR = $REMOTE_ADDR
echo REMOTE_USER = $REMOTE_USER
echo AUTH_TYPE = $AUTH_TYPE
echo CONTENT_TYPE = $CONTENT_TYPE
echo CONTENT_LENGTH = $CONTENT_LENGTH
If any one knows some exploit to hacking web servers please pm me as I would like to move this forward.
Edit* Tried to brute force ftp and http socks for username and password using hydra, but nothing came back.
Naddo1 :rolleyes:
__________________________________________________ _____________________
HIT THE THANKS BUTTON ----------------------------------|
[Only registered and activated users can see links. Click Here To Register...]
Ports 22, 25, 80, 110 show open
I have tried ftp anon login through port 80 and ssl anon login through port 22, however I'm no network guru.
I know these are file servers for the webhost but from this i have found;
The IP address of credit.91.com is 208.96.12.132
The IP address of co.91.com is 208.113.97.208
The IP address of vips.91.com is 208.96.12.132
[Only registered and activated users can see links. Click Here To Register...]
This last one will have all of the account logins.
The registered name for the servers is ; [Only registered and activated users can see links. Click Here To Register...]
the best i can get from a cgi test is;
#!/bin/sh
# disable filename globbing
set -f
echo "Content-type: text/plain; charset=iso-8859-1"
echo
echo CGI/1.0 test script report:
echo
echo argc is $#. argv is "$*".
echo
echo SERVER_SOFTWARE = $SERVER_SOFTWARE
echo SERVER_NAME = $SERVER_NAME
echo GATEWAY_INTERFACE = $GATEWAY_INTERFACE
echo SERVER_PROTOCOL = $SERVER_PROTOCOL
echo SERVER_PORT = $SERVER_PORT
echo REQUEST_METHOD = $REQUEST_METHOD
echo HTTP_ACCEPT = "$HTTP_ACCEPT"
echo PATH_INFO = "$PATH_INFO"
echo PATH_TRANSLATED = "$PATH_TRANSLATED"
echo SCRIPT_NAME = "$SCRIPT_NAME"
echo QUERY_STRING = "$QUERY_STRING"
echo REMOTE_HOST = $REMOTE_HOST
echo REMOTE_ADDR = $REMOTE_ADDR
echo REMOTE_USER = $REMOTE_USER
echo AUTH_TYPE = $AUTH_TYPE
echo CONTENT_TYPE = $CONTENT_TYPE
echo CONTENT_LENGTH = $CONTENT_LENGTH
If any one knows some exploit to hacking web servers please pm me as I would like to move this forward.
Edit* Tried to brute force ftp and http socks for username and password using hydra, but nothing came back.
Naddo1 :rolleyes:
__________________________________________________ _____________________
HIT THE THANKS BUTTON ----------------------------------|
