Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\Amd>cd\ C:\>nikto\nikto.pl -h www.sman1-boyolali.

com - Nikto v2.03/2.04 --------------------------------------------------------------------------+ Target IP: 174.37.147.184 + Target Hostname: www.sman1-boyolali.com + Target Port: 80 + Start Time: 2011-11-17 18:35:19 --------------------------------------------------------------------------+ Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mo d_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_qos/9.68 mod_p erl/2.0.5 Perl/v5.8.8 - /robots.txt - contains 35 'disallow' entries which should be manually viewed. (GET) + No CGI Directories found (use '-C all' to force check all possible dirs) + OSVDB-0: Retrieved X-Powered-By header: PHP/5.3.8 + OSVDB-0: ETag header found on server, inode: 429883888, size: 1572, mtime: 0x4 9d8f947dd000 + mod_ssl/2.2.21 appears to be outdated (current is at least 2.8.31) (may depend on server version) + OpenSSL/0.9.8e-fips-rhel5 appears to be outdated (current is at least 0.9.8i) (may depend on server version) + FrontPage/5.0.2.2635 appears to be outdated (current is at least 5.0.4.3) (may depend on server version) + mod_perl/2.0.5 appears to be outdated (current is at least 5.8) + Perl/v5.8.8 appears to be outdated (current is at least v5.10.0) + mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bw limited/1.4 FrontPage/5.0.2.2635 mod_qos/9.68 mod_perl/2.0.5 Perl/v5.8.8 - mod_s sl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?na me=CAN-2002-0082. + FrontPage - http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.h tml + OSVDB-396: GET /_vti_bin/shtml.exe : Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted. + OSVDB-0: GET /sips/sipssys/users/a/admin/user : SIPS v0.2.2 allows user accoun t info (including password) to be retrieved remotely. + OSVDB-0: GET /userinfo.php?uid=1; : Xoops portal gives detailed error messages including SQL syntax and may allow an exploit. + OSVDB-0: GET /index.php?module=My_eGallery : My_eGallery prior to 3.1.1.g are vulnerable to a remote execution bug via SQL command injection. + OSVDB-0: GET /user.php?op=confirmnewuser&module=NS-NewUser&uname=%22%3E%3Cimg% 20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com : Post Nuk e 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.o rg/advisories/CA-2000-02.html. + OSVDB-0: GET /myphpnuke/links.php?op=MostPopular&ratenum=[script]alert(documen t.cookie);[/script]&ratetype=percent : myphpnuke is vulnerable to Cross Site Scr ipting (XSS). http://www.cert.org/advisories/CA-2000-02.html. + OSVDB-0: GET /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&ca tegories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent_id=0 : Post N uke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert .org/advisories/CA-2000-02.html. + OSVDB-0: GET /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document. cookie);%3E&op=modload&name=Members_List&file=index : Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2 000-02.html.

+ OSVDB-3092: POST /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2 e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse= false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&l istDerivedT=false&listBorders=fals : We seem to have authoring access to the Fro ntPage web. + OSVDB-10359: GET /gallery/captionator.php : Gallery 1.1 through 1.3.0 contains a flaw that could allow remote attackers to include remote PHP via the GALLERY_ BASEDIR variable. + OSVDB-10359: GET /gallery/errors/configmode.php : Gallery 1.1 through 1.3.0 co ntains a flaw that could allow remote attackers to include remote PHP via the GA LLERY_BASEDIR variable. + OSVDB-10359: GET /gallery/errors/needinit.php : Gallery 1.1 through 1.3.0 cont ains a flaw that could allow remote attackers to include remote PHP via the GALL ERY_BASEDIR variable. + OSVDB-10359: GET /gallery/errors/reconfigure.php : Gallery 1.1 through 1.3.0 c ontains a flaw that could allow remote attackers to include remote PHP via the G ALLERY_BASEDIR variable. + OSVDB-10359: GET /gallery/errors/unconfigured.php : Gallery 1.1 through 1.3.0 contains a flaw that could allow remote attackers to include remote PHP via the GALLERY_BASEDIR variable. + OSVDB-12184: GET /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 : PHP rev eals potentially sensitive information via certain HTTP requests which contain s pecific QUERY strings. + OSVDB-3092: GET /cgi-sys/entropysearch.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web + OSVDB-3092: GET /cgi-sys/FormMail-clone.cgi : Default CGI, often with a hostin g manager of some sort. No known problems, but host managers allow sys admin via web + OSVDB-3092: GET /cgi-sys/mchat.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web + OSVDB-3092: GET /cgi-sys/scgiwrap : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web + OSVDB-3092: GET /poll : This may be interesting... + OSVDB-3092: GET /user/ : This might be interesting... + OSVDB-3092: GET /img-sys/ : Default image directory should not allow directory listing. + OSVDB-3092: GET /java-sys/ : Default Java directory should not allow directory listing. + OSVDB-3093: GET /index.php?base=test%20 : This might be interesting... has bee n seen in web logs from an unknown scanner. + OSVDB-3093: GET /index.php?IDAdmin=test : This might be interesting... has bee n seen in web logs from an unknown scanner. + OSVDB-3093: GET /index.php?pymembs=admin : This might be interesting... has be en seen in web logs from an unknown scanner. + OSVDB-3093: GET /index.php?SqlQuery=test%20 : This might be interesting... has been seen in web logs from an unknown scanner. + OSVDB-3093: GET /index.php?tampon=test%20 : This might be interesting... has b een seen in web logs from an unknown scanner. + OSVDB-3092: GET /INSTALL.txt : Default file found. + OSVDB-3092: GET /UPGRADE.txt : Default file found. + OSVDB-3092: GET /install.php : Drupal install.php file found. + OSVDB-3092: GET /install.php : install.php file found. + OSVDB-3092: GET /LICENSE.txt : License file found may identify site software. + OSVDB-3092: GET /xmlrpc.php : xmlrpc.php was found. + OSVDB-3092: GET /CHANGELOG.txt : A changelog was found. + OSVDB-3233: GET /INSTALL.mysql.txt : Drupal installation file found. + OSVDB-3233: GET /INSTALL.pgsql.txt : Drupal installation file found. + 3577 items checked: 47 item(s) reported on remote host + End Time: 2011-11-17 21:43:17 (11278 seconds)

--------------------------------------------------------------------------+ 1 host(s) tested Test Options: -h www.sman1-boyolali.com --------------------------------------------------------------------------C:\>