April 27, 2021
primepult
Запрос "Распознать Онлайн"
POST /pultdumper HTTP/1.0 Connection: keep-alive Content-Type: multipart/form-data; boundary=--------042721092950688 Content-Length: 1227 Host: api.prime-pult.ru Accept: text/html, */* User-Agent: Mozilla/3.0 (compatible; Indy Library) ----------042721092950688 Content-Disposition: form-data; name="v" 1 ----------042721092950688 Content-Disposition: form-data; name="a" analyze ----------042721092950688 Content-Disposition: form-data; name="d" B456B656B654B150BC5FB8718F5CB66E947697739146AD719D7C9948A77A9B439B7D987D9F7B9B45AE4EAC77974AAB1B5E055C075A0158688766816787608562FC1EFE1CF826CF1BF328CD2AC52FC912ED33D432DD0AEA35DE04E106E602E300DA03EA01EC3AD904EF5D045F0259005B1E28CC2ECE28CD29C526C025C022C31C08DE3FE103E501E60ED430E905EE05D02FF21BCC2ECA2BC922C420F814FC16C61FC22597CA91C893C69DC4F412F214F00AEF08EE0EE80AEA02D833E704DD3BDF46A34A9E7FA441A74F9A70A9459077936A8D688D6EB75EB65E8760BA5BE9B0EB8ED58CD78ABA5ABA52B657B456B156BC48A3499272A94D967F997D997AAE479987638B5FBE64805AB356B754B151B56F96739441AF779223762D742F722970409F7D997F9F789E7B92759076964CA7708A50B553B256BF6B8358B358B463825CC81EFE1CF91DF918F22BC229CA1EF42DD6653C673A6138633600E507E401E603DD3EDE3AD83BDB07EF35D008E50EE70EF62FC811FC17FF28C418FC26C720C5223ADD39E20DE70FDA32E80DBFE2B9E0BBFEA5FCCC2ACA2DC825C625C527C124C01CC024FD1EC420C521C522F411CD277056699F781AD1C152 ----------042721092950688 Content-Disposition: form-data; name="s" 71E8FBC9659FE875 ----------042721092950688-- HTTP/1.1 200 OK Server: nginx Date: Tue, 27 Apr 2021 16:29:58 GMT Content-Type: text/html Content-Length: 53 Connection: keep-alive X-Powered-By: PHP/5.3.3 GateTx 40B7B0 (static format)|Gate-Tx|GateTx 40B7B0||
Запрос "Синтезировать онлайн"
POST /pultdumper HTTP/1.0 Connection: keep-alive Content-Type: multipart/form-data; boundary=--------042721094114657 Content-Length: 359 Host: api.prime-pult.ru Accept: text/html, */* User-Agent: Mozilla/3.0 (compatible; Indy Library) ----------042721094114657 Content-Disposition: form-data; name="v" 1 ----------042721094114657 Content-Disposition: form-data; name="a" synthesize ----------042721094114657 Content-Disposition: form-data; name="d" PT 84A2D1 ----------042721094114657 Content-Disposition: form-data; name="s" 3EEE75192A9966A5 ----------042721094114657-- HTTP/1.1 200 OK Server: nginx Date: Tue, 27 Apr 2021 16:41:22 GMT Content-Type: text/html Content-Length: 882 Connection: keep-alive X-Powered-By: PHP/5.3.3 r=ED1EC734C132C330E516CF3CE112E310D526FF0CD122D320DD2EF704D92AF300E516E714C93AE310ED1EEF1CE91AC330F5451C471A4EDB28FD0EFF0CF90AD3208576AF5CA95A8370A5568F7C897A8B78BD4E9764B94A93609D6EB744996A9B68A556A754897AA313461D44108172AB58B546B744996AB34095669764B94A936045B647B441B26B984DBE679449BA4BB87D8E57A451A253A05DAE778459E9B0EB8EDA4FBC619263906D9E47B4699A43B05DAE778459AA73807D8E7F8C51A27B882DDE07F401F22BD80DFE0FFC09FA0BF83DCE17A7FAA1F8AC35C61FEC19EA1BE80DFE27D409FA0BF82DDE07F429DA2BD835C61FEC31C21BE83DCE3FCC11E23BC8C536C734C132EB18CD7D247F2276E310D526D724D122FB08DD2EF704F102DB28CD3EE714E112E310C536EF1CC132EB18F506DF2CF102F300FD0EFF0CD122FB4B6E356C38A95A83708D7E8F7CA1528B78BD4EBF4C9162BB489D6E9F6C996AB340A5568F7CA152A3508576AF5CA95AAB58B5469F6CB101580356029764B94ABB4845B66F9C41B26B9865964FBC61924BB855A657A4798A53A075865FAC59AA7380659667946192639045B66FDF82D980301629DF3949C2D01C
Nmap
Scanning 5 services on api.prime-pult.ru (37.48.125.78) 22/tcp open ssh syn-ack OpenSSH 5.3 (protocol 2.0) 80/tcp open http syn-ack nginx 443/tcp open ssl/http syn-ack nginx 2204/tcp open ssh syn-ack OpenSSH 4.3 (protocol 2.0) 10000/tcp open http syn-ack MiniServ 1.860 (Webmin httpd)
Dir search
-
Target: http://api.prime-pult.ru/rc-code-calc/ [20:44:27] 200 - 4KB - /rc-code-calc/index.php [20:44:27] 200 - 4KB - /rc-code-calc/index.php/login/
_
Target: http://api.prime-pult.ru/ [20:40:41] Starting: [20:40:42] 403 - 280B - /.ht_wsr.txt [20:40:42] 403 - 283B - /.htaccess.bak1 [20:40:42] 403 - 283B - /.htaccess.orig [20:40:42] 403 - 283B - /.htaccess_orig [20:40:42] 403 - 281B - /.htaccessBAK [20:40:42] 403 - 284B - /.htaccess_extra [20:40:42] 403 - 285B - /.htaccess.sample [20:40:42] 403 - 281B - /.htaccessOLD [20:40:42] 403 - 281B - /.htaccess_sc [20:40:42] 403 - 282B - /.htaccessOLD2 [20:40:42] 403 - 283B - /.htaccess.save [20:40:42] 403 - 273B - /.htm [20:40:42] 403 - 274B - /.html [20:40:42] 403 - 280B - /.httr-oauth [20:40:42] 403 - 279B - /.htpasswds [20:40:42] 403 - 283B - /.htpasswd_test [20:40:43] 412 - 584B - /.mweval_history [20:40:43] 412 - 584B - /.selected_editor [20:40:46] 200 - 0B - /_index.php [20:40:52] 403 - 277B - /cgi-bin/ [20:40:53] 412 - 584B - /dashboard/phpinfo.php [20:40:54] 403 - 275B - /error/ [20:40:56] 412 - 584B - /lib/phpunit/src/Util/PHP/eval-stdin.php [20:40:56] 412 - 584B - /lib/phpunit/Util/PHP/eval-stdin.php [20:40:56] 412 - 584B - /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php [20:40:56] 412 - 584B - /lib/phpunit/phpunit/Util/PHP/eval-stdin.php [20:40:56] 412 - 584B - /linusadmin-phpinfo.php [20:40:57] 412 - 584B - /msadc/Samples/selector/showcode.asp [20:40:58] 412 - 584B - /phpinfo.php3 [20:40:58] 412 - 584B - /phpinfo [20:40:58] 412 - 584B - /phpinfo.php5 [20:40:58] 412 - 584B - /phpinfo.php [20:40:58] 412 - 584B - /phpinfos.php [20:40:58] 412 - 584B - /phpinfo.php4 [20:40:59] 412 - 584B - /phpunit/phpunit/src/Util/PHP/eval-stdin.php [20:40:59] 412 - 584B - /phpunit/src/Util/PHP/eval-stdin.php [20:40:59] 412 - 584B - /phpunit/phpunit/Util/PHP/eval-stdin.php [20:40:59] 412 - 584B - /phpunit/Util/PHP/eval-stdin.php [20:41:02] 412 - 584B - /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php [20:41:02] 412 - 584B - /vendor/phpunit/src/Util/PHP/eval-stdin.php [20:41:02] 412 - 584B - /vendor/phpunit/Util/PHP/eval-stdin.php [20:41:02] 412 - 584B - /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php
Target: https://prime-pult.ru/ [20:56:33] Starting: [20:56:41] 403 - 276B - /.ht_wsr.txt [20:56:41] 403 - 279B - /.htaccess.bak1 [20:56:41] 403 - 279B - /.htaccess.orig [20:56:41] 403 - 279B - /.htaccess.save [20:56:41] 403 - 281B - /.htaccess.sample [20:56:41] 403 - 277B - /.htaccessBAK [20:56:41] 403 - 269B - /.htm [20:56:41] 403 - 277B - /.htaccess_sc [20:56:41] 403 - 279B - /.htpasswd_test [20:56:43] 403 - 280B - /.htaccess_extra [20:56:43] 403 - 276B - /.httr-oauth [20:56:43] 403 - 279B - /.htaccess_orig [20:56:43] 403 - 270B - /.html [20:56:43] 403 - 275B - /.htpasswds [20:56:43] 403 - 277B - /.htaccessOLD [20:56:43] 403 - 278B - /.htaccessOLD2 [20:57:12] 301 - 298B - /admin -> http://prime-pult.ru/admin/ [20:57:14] 403 - 280B - /admin/.htaccess [20:57:14] 200 - 3KB - /admin/?/login [20:57:14] 200 - 3KB - /admin/ [20:57:15] 200 - 0B - /admin/config.php [20:57:15] 200 - 3KB - /admin/index.php [20:57:42] 301 - 300B - /catalog -> http://prime-pult.ru/catalog/ [20:57:42] 403 - 273B - /cgi-bin/ [20:57:46] 200 - 0B - /config.php [20:57:59] 403 - 271B - /error/ [20:58:07] 301 - 298B - /image -> http://prime-pult.ru/image/ [20:58:09] 200 - 54KB - /index.php [20:58:09] 200 - 54KB - /index.php/login/ [20:58:28] 200 - 435B - /php.ini [20:58:38] 200 - 1KB - /robots.txt [20:58:48] 403 - 272B - /system/ [20:58:48] 403 - 281B - /system/error.txt [20:58:48] 403 - 280B - /system/storage/ [20:58:48] 301 - 299B - /system -> http://prime-pult.ru/system/
Webmin
Password changing is not enabled!