- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 186...
+ Target Hostname: www...
+ Target Port: 80
+ Start Time: 2014-10-07 12:34:08 (GMT0)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Cookie SESS5b123de25f3dab16ced1a21e062b4b04 created without the httponly flag
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.
+ Server leaks inodes via ETags, header found with file /robots.txt, inode: 4604094, size: 1565, mtime: Sat Apr 6 16:24:56 2013
+ File/dir '/cron.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/INSTALL.mysql.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/INSTALL.pgsql.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/install.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/LICENSE.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/MAINTAINERS.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/update.php' in robots.txt returned a non-forbidden or redirect HTTP code (302)
+ File/dir '/UPGRADE.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/xmlrpc.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ Cookie ci_session created without the httponly flag
+ File/dir '/reservas/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/filter/tips/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/search/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/user/password/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/user/login/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/?q=filter/tips/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/?q=search/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/?q=user/password/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ File/dir '/?q=user/login/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ "robots.txt" contains 37 entries which should be manually viewed.
+ Uncommon header 'tcn' found, with contents: list
+ Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. See http://www.../?id=4698ebdc59d15. The following alternatives for 'index' were found: index.php
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.4.7). Apache 2.0.65 (final release) and 2.2.26 are also current.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /install/: This might be interesting...
+ OSVDB-3092: /privado/: This might be interesting...
+ OSVDB-3092: /user/: This might be interesting...
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3092: /install/install.php: Install file found.
+ OSVDB-3092: /UPGRADE.txt: Default file found.
+ OSVDB-3092: /install.php: Drupal install.php file found.
+ OSVDB-3092: /install.php: install.php file found.
+ OSVDB-3092: /LICENSE.txt: License file found may identify site software.
+ OSVDB-3092: /xmlrpc.php: xmlrpc.php was found.
+ OSVDB-3233: /INSTALL.mysql.txt: Drupal installation file found.
+ OSVDB-3233: /INSTALL.pgsql.txt: Drupal installation file found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 8168 requests: 0 error(s) and 44 item(s) reported on remote host
+ End Time: 2014-10-07 13:30:48 (GMT0) (3400 seconds)
Quisiera que me colaboraran y me dieran pautas para aprovechar estas vulnerabilidades, pues he indagado y he leido informacion pero leer todo aveces tambien confunde mucho...se que hay vulnerabilidades como la OSVDB-877: HTTP TRACE method is active o Apache mod_negotiation is enabled with MultiViews , y por eso quisiera saber tambien que exploits me recomiendan o que auxiliary para atacar estas vulnerabilidades,,gracias por su colaboracion de antemano...
ademas esto tambien::
Ademas amigos AQUI LES TRAIGO UNA NUEVA RESPUESTA DE UN SCANEO QUE HICE CON EL SCANNER MOD=NEGOTATION BRUTE CON METASPLOIT A ESTA MISMA PAGINA ..MIREN Y OPINEN A VER COMO SI PROMETE O NO LA COSA...GRAX ...ES LO SIGUENTE >>>
msf auxiliary(mod_negotiation_brute) > run
186.116.9.243 /cron.php
186.116.9.243 /index.php
186.116.9.243 /install.php
186.116.9.243 /update.php
186.116.9.243 /xmlrpc.php
Scanned 1 of 1 hosts (100% complete)
Auxiliary module execution completed[/b][/size]
como puedo aprovechar estas vulnerabilidades con metasploit o con que exploit o sql injection o de que otra forma ..grax de antemano
EDITADO: Eliminación de la IP y de la URL del sitio escaneado.