[Nikto-discuss] Bug report - Plugin 001554

Frank Breedijk FBreedijk at schubergphilis.com
Wed Mar 31 12:13:43 UTC 2010


Plugin 001554 reports that /administrator/ exists on https://secure.sectionzero.org/ but it doesn't.

------------------------------------------

agent ~ # openssl s_client -connect secure.sectionzero.org:443
CONNECTED(00000003)
depth=0 /CN=secure.sectionzero.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /CN=secure.sectionzero.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /CN=secure.sectionzero.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/CN=secure.sectionzero.org
   i:/O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=/CN=secure.sectionzero.org
issuer=/O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root
---
No client certificate CA names sent
---
SSL handshake has read 2428 bytes and written 340 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 4096 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 7724BBAB6D9074BA2A7A792B51227F4865387A20825E3D58AA82B59B52880FE2
    Session-ID-ctx:
    Master-Key: 6EF7DCEB4D201FE3A3A1E34C1F76B27B71D5B5FDCAA2113E91824C4E08C64842D9CC599BB1EC3CC5558838E02B4017BC
    Key-Arg   : None
    Start Time: 1270037545
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
---
GET /administrator/ HTTP/1.0

HTTP/1.1 404 Not Found
Date: Wed, 31 Mar 2010 12:12:31 GMT
Server: Apache
Content-Length: 284
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /administrator/ was not found on this server.</p>
<hr>
<address>Apache Server at secure.sectionzero.org Port 80</address>
</body></html>
Closed

---------------------------------------

agent ~ # openssl s_client -connect secure.sectionzero.org:443
CONNECTED(00000003)
depth=0 /CN=secure.sectionzero.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /CN=secure.sectionzero.org
verify error:num=27:certificate not trusted
verify return:1
depth=0 /CN=secure.sectionzero.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/CN=secure.sectionzero.org
   i:/O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=/CN=secure.sectionzero.org
issuer=/O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root
---
No client certificate CA names sent
---
SSL handshake has read 2428 bytes and written 340 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 4096 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 97A8366B8065D830F7BC2116C2F8584D39402EACF0DF2789DFE0FDD1F4FA3166
    Session-ID-ctx:
    Master-Key: 09F4B9493A31EA9960949253AB8AAF9EC0C4AE1A140C8EC5CF863F5E4797FAC525DFD95DE83F0875FD93F0EB872C676C
    Key-Arg   : None
    Start Time: 1270037573
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
---
GET /administrator/ HTTP/1.1
Host: secure.sectionzero.org

HTTP/1.1 404 Not Found
Date: Wed, 31 Mar 2010 12:13:06 GMT
Server: Apache
Content-Length: 284
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /administrator/ was not found on this server.</p>
<hr>
<address>Apache Server at secure.sectionzero.org Port 80</address>
</body></html>
^C



Frank Breedijk, CISSP
Mission Critical Engineer, Security
Schuberg Philis

phone:    +31 20 750 65 00
direct:   +31 20 750 65 38
mobile:   +31 6 438 22 637
email:    fbreedijk at schubergphilis.com

www.schubergphilis.com 

Star Parc
Boeing Ave 271
1119 PD Schiphol-Rijk
THE NETHERLANDS 
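The manual re-check in the post (s_client, then GET /administrator/ once as HTTP/1.0 and once as HTTP/1.1 with a Host header) scripted in Python, as an added example that is not part of the original post or of Nikto. It goes one step beyond the post: next to the flagged path it also requests a random path that cannot exist, so a server that answers the same for every directory (the usual reason a scanner reports a directory that is not there) is recognised as such instead of as a hit. Host and port are taken from the post; verify=False mirrors s_client continuing past the untrusted CAcert issuer; the random-path control, the function names and the labels 'absent', 'soft-404' and 'present' are my assumptions, and the sample 404 embedded for offline use is reconstructed from the one shown in the post.

```python
import socket
import ssl
import secrets

HOST = "secure.sectionzero.org"   # host from the post; port 443 is assumed
PORT = 443


def build_request(path, host=None):
    """HTTP/1.0 without Host (first transcript) or HTTP/1.1 with Host (second)."""
    if host is None:
        return f"GET {path} HTTP/1.0\r\n\r\n".encode()
    return (f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
            f"Connection: close\r\n\r\n").encode()


def parse_response(raw, path):
    """Split a raw HTTP response into status, reason, headers and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    status = int(parts[1])
    reason = parts[2] if len(parts) > 2 else ""
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"path": path, "status": status, "reason": reason,
            "headers": headers, "body": body}


def body_complete(resp):
    """True when the body length matches Content-Length, i.e. nothing was cut off."""
    declared = resp["headers"].get("content-length")
    return declared is None or int(declared) == len(resp["body"])


def fetch(host, port, path, http11=True, verify=True, timeout=10):
    """Send one request over TLS and return the parsed response.
    verify=False reproduces s_client continuing despite the untrusted issuer."""
    ctx = ssl.create_default_context()
    if not verify:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            tls.sendall(build_request(path, host if http11 else None))
            chunks = []
            while data := tls.recv(4096):
                chunks.append(data)
    return parse_response(b"".join(chunks), path)


def normalise(resp):
    """Body with the requested path masked, so two 'not found' pages compare equal."""
    return resp["body"].replace(resp["path"].encode(), b"<PATH>")


def classify(probe, control):
    """Decide whether the reported path really exists.

    probe   - response for the path the scanner flagged
    control - response for a random path that cannot exist (assumed control)
    'absent'   : a plain 404, as in the post
    'soft-404' : same status and same body as the control, so the server
                 gives that answer for everything and the finding is noise
    'present'  : anything else
    """
    if probe["status"] == 404:
        return "absent"
    if probe["status"] == control["status"] and normalise(probe) == normalise(control):
        return "soft-404"
    return "present"


def check_finding(host, port, path, verify=False):
    """Re-check a directory finding both ways the post does, plus a control path."""
    control_path = "/" + secrets.token_hex(8) + "/"
    results = {}
    for http11 in (False, True):
        probe = fetch(host, port, path, http11, verify)
        control = fetch(host, port, control_path, http11, verify)
        results["HTTP/1.1" if http11 else "HTTP/1.0"] = (
            probe["status"], control["status"], classify(probe, control))
    return results


# Constructed sample for offline use: the 404 shown in the post.
SAMPLE_404 = (
    b"HTTP/1.1 404 Not Found\r\n"
    b"Date: Wed, 31 Mar 2010 12:13:06 GMT\r\n"
    b"Server: Apache\r\n"
    b"Content-Length: 284\r\n"
    b"Content-Type: text/html; charset=iso-8859-1\r\n"
    b"\r\n"
    b'<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n'
    b"<html><head>\n<title>404 Not Found</title>\n</head><body>\n"
    b"<h1>Not Found</h1>\n"
    b"<p>The requested URL /administrator/ was not found on this server.</p>\n"
    b"<hr>\n<address>Apache Server at secure.sectionzero.org Port 80</address>\n"
    b"</body></html>\n"
)

if __name__ == "__main__":
    print(check_finding(HOST, PORT, "/administrator/"))
```

Running it prints, per HTTP version, the status for /administrator/, the status for the control path and the verdict; for the transcripts in the post both verdicts would be 'absent'. A 'soft-404' verdict is the case worth chasing in a scanner: the server returns the same non-404 page for the flagged path and for a random one.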





More information about the Nikto-discuss mailing list