I'm trying to get access to the files on a server. I ran a scan with nikto and did some research based on the results, but I didn't find much on how I could exploit the possible vulns.
The Nikto report was this:
+ Server: Apache
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Cookie PHPSESSID created without the httponly flag
+ /crossdomain.xml contains a full wildcard entry. See Apenas usuários registrados e ativados podem ver os links., Clique aqui para se cadastrar...
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ /cgi-sys/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
+ /securecontrolpanel/: Web Server Control Panel
+ /webmail/: Web based mail package installed.
+ /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
+ OSVDB-2117: /cpanel/: Web-based control panel
+ OSVDB-3092: /test.txt: This might be interesting...
+ OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
+ OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
+ OSVDB-3093: /webmail/lib/emailreader_execute_on_each_page.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-6694: /.DS_Store: Apache on Mac OSX will serve the .DS_Store file, which contains sensitive information. Configure Apache to ignore this file or upgrade to a newer version.
+ /controlpanel/: Admin login page/section found.
+ 9951 requests: 0 error(s) and 18 item(s) reported on remote host
The server only runs Pure-Ftpd and smtp. The nmap scan didn't return anything useful, but from what I could tell the machine runs Linux.
Is there anything exploitable on this server?
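Added here as an illustration from the defender's side, not code from the original post: a small Python audit for the four header and cookie findings in the Nikto report above (missing X-Frame-Options, X-Content-Type-Options and X-XSS-Protection, and PHPSESSID set without HttpOnly), so that a fix can be verified after it is deployed. Both HTTP responses below are constructed sample data, not captured from the server in the question.

```python
from email.parser import Parser

# Constructed sample: roughly what a server with the reported findings returns.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Set-Cookie: PHPSESSID=abc123; path=/\r\n"
    "\r\n"
    "<html></html>"
)

# Constructed sample: the same response after hardening.
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "X-XSS-Protection: 0\r\n"  # modern guidance: disable the legacy filter explicitly
    "Set-Cookie: PHPSESSID=abc123; path=/; HttpOnly; Secure\r\n"
    "\r\n"
)


def parse_response(raw):
    """Split a raw HTTP response into (status line, headers as an email.message.Message)."""
    head, _, _body = raw.partition("\r\n\r\n")
    status, _, header_block = head.partition("\r\n")
    # The email parser handles RFC 822-style headers, which HTTP headers follow closely.
    headers = Parser().parsestr(header_block.replace("\r\n", "\n") + "\n", headersonly=True)
    return status, headers


def audit_headers(headers):
    """Return the Nikto-style findings that still apply to this response."""
    findings = []
    csp = headers.get("Content-Security-Policy") or ""
    # A CSP frame-ancestors directive also stops clickjacking, so accept either.
    if headers.get("X-Frame-Options") is None and "frame-ancestors" not in csp:
        findings.append("X-Frame-Options header is not present")
    if (headers.get("X-Content-Type-Options") or "").strip().lower() != "nosniff":
        findings.append("X-Content-Type-Options header is not set")
    if headers.get("X-XSS-Protection") is None:
        findings.append("X-XSS-Protection header is not defined")
    # Set-Cookie may repeat; check every cookie for the HttpOnly attribute.
    for cookie in headers.get_all("Set-Cookie") or []:
        name = cookie.split("=", 1)[0].strip()
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "httponly" not in attrs:
            findings.append(f"Cookie {name} created without the httponly flag")
    return findings
```

On Apache the missing headers are added with mod_headers (for example `Header always set X-Frame-Options "SAMEORIGIN"`), and setting `session.cookie_httponly = 1` in php.ini adds the HttpOnly flag to PHPSESSID.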