Web Services
Bug in http-security-headers: no string output.
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack ttl 63 Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
|_http-chrono: Request times for /; avg: 211.95ms; min: 170.06ms; max: 293.08ms
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.4.16
|_http-date: Sun, 07 Aug 2022 18:42:55 GMT; -1s from local time.
|_http-csrf: Couldn't find any CSRF vulnerabilities.
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
|_http-fetch: Please enter the complete path of the directory to save data in.
|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
| http-sitemap-generator:
| Directory structure:
| /
| Other: 1
| Longest directory structure:
| Depth: 0
| Dir: /
| Total files found (by extension):
|_ Other: 1
| http-enum:
| /README.txt: Interesting, a readme.
| /css/: Potentially interesting folder w/ directory listing
| /icons/: Potentially interesting folder w/ directory listing
| /images/: Potentially interesting folder w/ directory listing
|_ /js/: Potentially interesting folder w/ directory listing
| http-comments-displayer:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.135.58
|
| Path: http://192.168.135.58:80/
| Line number: 57
| Comment:
|_ <!-- end #content -->
|_http-malware-host: Host appears to be clean
| http-trace: TRACE is enabled
| Headers:
| Date: Sun, 07 Aug 2022 18:42:55 GMT
| Server: Apache/2.4.6 (CentOS) PHP/5.4.16
| Connection: close
| Transfer-Encoding: chunked
|_Content-Type: message/http
| http-exif-spider:
| http://192.168.135.58:80/images/examples/image-6.jpg
| Date: 2012:04:10 18:54:07
| http://192.168.135.58:80/images/examples/image-4.jpg
| Date: 2012:04:10 18:54:34
| http://192.168.135.58:80/images/examples/image-5.jpg
| Date: 2012:04:10 18:55:18
| http://192.168.135.58:80/images/examples/image-2.jpg
| Date: 2012:04:10 18:54:48
| http://192.168.135.58:80/images/examples/image-3.jpg
| Date: 2012:04:10 18:54:43
| http://192.168.135.58:80/images/examples/image-1.jpg
|_ Date: 2012:04:10 18:54:53
| http-vhosts:
|_128 names had status 200
|_http-litespeed-sourcecode-download: Request with null byte did not work. This web server might not be vulnerable
| http-useragent-tester:
| Status for browser useragent: 200
| Allowed User Agents:
| Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)
| libwww
| lwp-trivial
| libcurl-agent/1.0
| PHP/
| Python-urllib/2.5
| GT::WWW
| Snoopy
| MFC_Tear_Sample
| HTTP::Lite
| PHPCrawl
| URI::Fetch
| Zend_Http_Client
| http client
| PECL::HTTP
| Wget/1.13.4 (linux-gnu)
|_ WWW-Mechanize/1.34
|_http-mobileversion-checker: No mobile version detected.
|_http-referer-checker: Couldn't find any cross-domain scripts.
|_http-feed: Couldn't find any feeds.
|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
|_http-jsonp-detection: Couldn't find any JSONP endpoints.
|_http-errors: Couldn't find any error pages.
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-vuln-cve2017-1001000: ERROR: Script execution failed (use -d to debug)
|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
| http-affiliate-id:
|_ Google Analytics ID: UA-2196019-1
| http-headers:
| Date: Sun, 07 Aug 2022 18:42:53 GMT
| Server: Apache/2.4.6 (CentOS) PHP/5.4.16
| X-Powered-By: PHP/5.4.16
| Connection: close
| Content-Type: text/html; charset=UTF-8
|
|_ (Request type: HEAD)
| http-internal-ip-disclosure:
|_ Internal IP Leaked: 127.0.0.2
|_http-config-backup: ERROR: Script execution failed (use -d to debug)
|_http-title: Simple PHP Photo Gallery
|_http-dombased-xss: Couldn't find any DOM based XSS.
| http-php-version: Logo query returned unknown hash 1101274777f5937427daccb13c1cbada
| Versions from credits query (more accurate): 5.4.15 - 5.4.45Last updated