- Nikto
---------------------------------------------------------------------------
+ Multiple IPs found: 35.174.132.21, 35.173.82.140, 35.169.50.49
+ Target IP: 35.174.132.21
+ Target Hostname: caceo.us
+ Target Port: 80
+ Start Time: 2024-08-13 13:28:12 (GMT-4)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ /: Cookie datadome created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Uncommon header 'x-datadome' found, with contents: protected.
+ /: Uncommon header 'x-dd-b' found, with contents: 1.
+ /: Uncommon header 'x-datadome-cid' found, with contents: AHrlqAAAAAMAcPVoa06fqP8ArGCmQg==.
+ /: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory.
+ /: Uncommon header 'charset' found, with contents: utf-8.
+ /FeyK3bhr.map: Retrieved x-aspnet-version header: 4.0.30319.
+ /FeyK3bhr.map: Retrieved x-powered-by header: ASP.NET.
+ /sshome/: Siteseed pre 1.4.2 has 'major' security problems.
+ /tiki/: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin.
+ /tiki/tiki-install.php: Tiki 1.7.2 and previous allowed restricted Wiki pages to be viewed via a 'URL trick'. Default login/pass could be admin/admin.
+ /_vti_bin/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe/aux.htm -- a DoS was not attempted. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709
+ /cgi-win/handler.cgi: Variation of Irix Handler? Has been seen from other CGI scanners.
+ /help/: Help directory should not be accessible.
+ /hola/admin/cms/htmltags.php?datei=./sec/data.php: hola-cms-1.2.9-10 may reveal the administrator ID and password. See: https://vulners.com/exploitdb/EDB-ID:23027
+ /cgi-win/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ /cgi-win/guestbook.pl: May allow attackers to execute commands as the web daemon.
+ /bigconf.cgi: BigIP Configuration CGI.
+ /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /wa.exe: An ASP page that allows attackers to upload files to server.
+ /cgi-win/.cobalt: May allow remote admin of CGI scripts.
+ /forum/admin/wwforum.mdb: Web Wiz Forums password database found. See: https://seclists.org/bugtraq/2003/Apr/238
+ /fpdb/shop.mdb: MetaCart2 is an ASP shopping cart. The database of customers is available via the web. See: https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /guestbook/admin/o12guest.mdb: Ocean12 ASP Guestbook Manager allows download of SQL database which contains admin password. See: https://www.exploit-db.com/exploits/22484
+ /midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1432
+ /MIDICART/midicart.mdb: MIDICART database is available for browsing. This should not be allowed via the web server. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1432
+ /mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb: MPCSoftWeb Guest Book passwords retrieved. See: https://www.exploit-db.com/exploits/22513
+ /news/news.mdb: Web Wiz Site News release v3.06 admin password database is available and unencrypted.
+ /shopping300.mdb: VP-ASP shopping cart application allows .mdb files (which may include customer data) to be downloaded via the web. These should not be available. See: https://securitytracker.com/id/1004382
+ /site/typo3conf/: This may contain sensitive TYPO3 files.
+ /ws_ftp.ini: Can contain saved passwords for FTP sites.
+ /WS_FTP.ini: Can contain saved passwords for FTP sites.
+ /cgi-win/MsmMask.exe: MondoSearch 4.4 may allow source code viewing by requesting MsmMask.exe?mask=/filename.asp where 'filename.asp' is a real ASP file. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1528
+ /_cti_pvt/: FrontPage directory found.
+ /smg_Smxcfg30.exe?vcc=3560121183d3: This may be a Trend Micro Officescan 'backdoor'.
+ /cgi-win/wais.pl: Gateway to the unix command, may be able to submit extra commands.
+ /LOGIN.PWD: MIPCD password file with unencrypted passwords. MIPDCD should not have the web interface enabled.
+ /jigsaw/: Jigsaw server may be installed. Versions lower than 2.2.1 are vulnerable to Cross Site Scripting (XSS) in the error page. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1053
+ /cbms/realinv.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/.
+ /cbms/usersetup.php: CBMS Billing Management has had many vulnerabilities in versions 0.7.1 and below. None could be confirmed here, but they should be manually checked if possible. http://freshmeat.net/projects/cbms/.
+ /Admin_files/order.log: Selena Sol's WebStore 1.0 exposes order information. See: https://packetstormsecurity.com/files/32406/xmas.txt.html
+ /cgi-win/infosrch.cgi: This CGI allows attackers to execute commands.
+ /cgi-win/listrec.pl: This CGI allows attackers to execute commands on the host.
+ /cgi-win/mailnews.cgi: Some versions allow attacker to execute commands as http daemon. Upgrade or remove.
+ /cgi-win/mmstdod.cgi: May allow attacker to execute remote commands. Upgrade to version 3.0.26 or higher.
+ /cgi-win/pagelog.cgi: Some versions of this allow you to create system files. Request 'pagelog.cgi?name=../../../../.././tmp/filename' to try.
+ /cgi-win/webif.cgi: HNS's webif.cgi is vulnerable to allow remote users to rewrite diary entries if 'direct mode' is enabled in version 2.00 and earlier, and Lite 0.8 and earlier.
+ /dostuff.php?action=modify_user: Blahz-DNS allows unauthorized users to edit user information. Upgrade to version 0.25 or higher. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0599,https://sourceforge.net/projects/blahzdns/
+ /cgi-win/mt/: Movable Type weblog found. May contain security problems in CGIs, weak passwords, and more. Default login 'Melody' with password 'Nelson'.
+ /cgi-win/nimages.php: Alpha versions of the Nimages package vulnerable to non-specific 'major' security bugs.
+ /cgi-win/robadmin.cgi: Default password: roblog.
+ /agentadmin.php: Immobilier agentadmin.php contains multiple SQL injection vulnerabilities. See: OSVDB-35876
+ /logs/str_err.log: Bmedia error log, contains invalid login attempts which include the invalid usernames and passwords entered (could just be typos & be very close to the right entries).
+ /smssend.php: PhpSmssend may allow system calls if a ' is passed to it. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0220
+ /ncl_items.shtml?SUBJECT=1: This may allow attackers to reconfigure your Tektronix printer. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0484
+ /photo/manage.cgi: My Photo Gallery management interface. May allow full access to photo galleries and more.
+ /_vti_pvt/service.cnf: Contains meta-information about the web server Remove or ACL if FrontPage is not being used. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1717
+ /_vti_pvt/services.cnf: Contains the list of subwebs. Remove or ACL if FrontPage is not being used. May reveal server version if Admin has changed it. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1717
+ /cgi-win/gbook/gbook.cgi?_MAILTO=xx;ls: gbook.cgi allows command execution. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1131
+ /cgi-win/include/new-visitor.inc.php: Les Visiteurs 2.0.1 and prior are vulnerable to remote command execution. BID 8902 for exploit example. See: OSVDB-2717
+ /msadc/msadcs.dll: . See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1011 BID-529 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2098/MS98-004 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-025 http://attrition.org/security/advisory/individual/rfp/rfp.9902.rds_iis
+ /musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/
+ /cgi-win/musicqueue.cgi: Musicqueue 1.20 is vulnerable to a buffer overflow. Ensure the latest version is installed (exploit not attempted). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1140,http://musicqueue.sourceforge.net/
+ /scripts/tools/newdsn.exe: This can be used to make DSNs, useful in use with an ODBC exploit and the RDS exploit (with msadcs.dll). Also may allow files to be created on the server. See: http://www.securityfocus.com/bid/1818 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0191 http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc
+ /iisadmpwd/aexp2.htr: Gives domain and system name, may allow an attacker to brute force for access. Also will allow an NT4 user to change his password regardless of the 'user cannot change password' security policy. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407. http://www.securityfocus.com/bid/4236. http://www.securityfocus.com/bid/2110. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0407
+ /cgi-win/gbadmin.cgi?action=change_adminpass: RNN Guestbook 1.2 contains multiple vulnerabilities including remotely changing administrative password, deleting posts, changing the setup, remotely executing commands, and more. By default, the admin password is either 'admin' or 'demo'. See Nov 26, 200. See: OSVDB-2873
+ /admin.php: This might be interesting.
+ /admin.shtml: This might be interesting.
+ /analog/: This might be interesting.
+ /cert/: This might be interesting.
+ /certificado/: This might be interesting.
+ /connect/: This might be interesting.
+ /employees/: This might be interesting.
+ /img/: This might be interesting.
+ /imgs/: This might be interesting.
+ /import/: This might be interesting.
+ /impreso/: This might be interesting.
+ /includes/: This might be interesting.
+ /msql/: This might be interesting.
+ /msword/: This might be interesting.
+ /people.list: This might be interesting.
+ /perl5/: This might be interesting.
+ /pwd.db: This might be interesting.
+ /python/: This might be interesting.
+ /reseller/: This might be interesting.
+ /Sources/: This might be interesting: may be YaBB.
+ /temp/: This might be interesting.
+ /template/: This might be interesting: could have sensitive files or system information.
+ /WebShop/: This might be interesting.
+ /cgi-win/AnyBoard.cgi: This might be interesting.
+ /cgi-win/ex-logger.pl: This might be interesting.
+ /cgi-win/pu3.pl: This might be interesting.
+ /cgi-win/ratlog.cgi: This might be interesting.
+ /cgi-win/responder.cgi: This might be interesting.
+ /cgi-win/rguest.exe: This might be interesting.
+ /cgi-win/ultraboard.cgi: This might be interesting.
+ /scripts/counter.exe: This might be interesting.
+ /scripts/cphost.dll: cphost.dll may have a DoS and a traversal issue. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1769
+ /scripts/fpadmcgi.exe: This might be interesting.
+ /scripts/samples/search/webhits.exe: This might be interesting.
+ /data.sql: Database SQL?.
+ /ashnews.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /convert-date.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cp/rac/nsManager.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /csPassword.cgi?command=remove%20: This might be interesting: has been seen in web logs from an unknown scanner.
+ /ez2000/ezadmin.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /ez2000/ezboard.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /ez2000/ezman.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /forum/mainfile.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /kernel/class/delete.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /kernel/classes/ezrole.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /newtopic.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /screen.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /scripts/tradecli.dll: This might be interesting: has been seen in web logs from an unknown scanner.
+ /sendphoto.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /technote/print.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /tinymsg.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /XMBforum/buddy.php: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cgi-win/cutecast/members/: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cgi-win/day5datanotifier.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cgi-win/ezshopper2/loadpage.cgi: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cgi-win/_vti_pvt/doctodep.btr: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cgi-win/cfgwiz.exe: cfgwiz.exe is a Norton Anti-Virus file and should not be available via the web site.
+ /cgi-win/Cgitest.exe: This might be interesting: has been seen in web logs from an unknown scanner.
+ /cgi-win/.htaccess: Contains authorization information.
+ /.wwwacl: Contains authorization information.
+ /.www_acl: Contains authorization information.
+ /jservdocs/: Default Apache JServ docs should be removed. See: CWE-552
+ /cgi-win/test-cgi.bat: This is an Apache for Win default. If Apache is lower than 1.3.23, this can be exploited as in test-cgi.bat?|dir+c:+>..\htdocs\listing.txt, but may not allow data sent back to the browser. See: CWE-552
+ /akopia/: Akopia is installed. See: CWE-552
+ /php/index.php: Monkey Http Daemon default PHP file found. See: CWE-552
+ /admcgi/scripts/Fpadmcgi.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /bin/admin.pl: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /bin/cfgwiz.exe: Default FrontPage CGI found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /_private/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /_private/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /_vti_bin/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /_vti_log/_vti_cnf/: FrontPage directory found. See: https://en.wikipedia.org/wiki/Microsoft_FrontPage
+ /nethome/: Netscape Enterprise Server default doc/manual directory. Reveals server path at bottom of page. See: CWE-552
+ /index.html.cz.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.de: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.dk: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.el: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.en: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.es: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.fr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.he.iso8859-8: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.hr.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.it: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.ja.iso2022-jp: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.kr.iso2022-kr: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.po.iso8859-2: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.pt: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.pt-br: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.ru.cp-1251: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.ru.cp866: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.ru.iso-ru: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.ru.koi8-r: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.se: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.tw: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.tw.Big5: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /index.html.var: Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information. See: CWE-552
+ /iissamples/sdk/asp/docs/Winmsdp.exe: This is a default IIS script/file that should be removed. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0738. https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1451,https://docs.microsoft.com/en-us/security-updates/securitybulletins/2099/MS99-013
+ /interchange/: Interchange chat is installed. Look for a high-numbered port like 20xx to find it running. See: CWE-552
+ /php/mlog.phtml: Remote file read vulnerability 1999-0346. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0068
+ /scripts/tools/getdrvrs.exe: MS Jet database engine can be used to make DSNs, useful with an ODBC exploit and the RDS exploit (with msadcs.dll) which mail allow command execution. See: http://attrition.org/security/advisory/individual/rfp/rfp.9901.nt_odbc
+ /cgi-win/ion-p.exe?page=c:\winnt\repair\sam: Ion-P allows remote file retrieval. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1559
+ /reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF: Oracle Reports rwservlet report Variable Arbitrary Report Executable Execution. See: https://www.exploit-db.com/exploits/26006
+ /apex/: Oracle Application Express login screen. See: CWE-552
+ /pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl=inTellectPRO&p_newurl=inTellectPRO: Access to Oracle pages could have an unknown impact.
+ /OA_JAVA/Oracle/: Oracle Applications portal pages found.
+ /doc/icodUserGuide.pdf: Instant Capacity on Demand (iCOD) User's Guide. See: CWE-552
+ /doc/planning_SuperDome_configs.pdf: Planning HP SuperDome Configurations. See: CWE-552
+ /doc/vxvm/pitc_ag.pdf: VERITAS FlashSnapTM Point-In-Time Copy Solutions documentation. See: CWE-552
+ /doc/Judy/Judy_tech_book.pdf: HP Judy documentation found. See: CWE-552
+ /doc/vxvm/vxvm_ag.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /doc/vxvm/vxvm_hwnotes.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /doc/vxvm/vxvm_ig.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /doc/vxvm/vxvm_mig.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /doc/vxvm/vxvm_tshoot.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /doc/vxvm/vxvm_notes.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /doc/vxvm/vxvm_ug.pdf: Veritas Volume Manager documentation. See: CWE-552
+ /staging/: This might be interesting.
+ /_archive/: Archive found.
+ /install.php: install.php file found.
+ /phone/: This might be interesting.
+ /at/: This might be interesting: potential country code (Austria).
+ /ci/: This might be interesting: potential country code (CÔte D'ivoire).
+ /gy/: This might be interesting: potential country code (Guyana).
+ /ht/: This might be interesting: potential country code (Haiti).
+ /lt/: This might be interesting: potential country code (Lithuania).
+ /lu/: This might be interesting: potential country code (Luxembourg).
+ /mo/: This might be interesting: potential country code (Macao).
+ /mk/: This might be interesting: potential country code (Macedonia).
+ /ne/: This might be interesting: potential country code (Niger).
+ /ng/: This might be interesting: potential country code (Nigeria).
+ /nu/: This might be interesting: potential country code (Niue).
+ /nf/: This might be interesting: potential country code (Norfolk Island).
+ /mp/: This might be interesting: potential country code (Northern Mariana Islands).
+ /no/: This might be interesting: potential country code (Norway).
+ /om/: This might be interesting: potential country code (Oman).
+ /lc/: This might be interesting: potential country code (Saint Lucia).
+ /mf/: This might be interesting: potential country code (Saint Martin).
+ /pm/: This might be interesting: potential country code (Saint Pierre And Miquelon).
+ /vc/: This might be interesting: potential country code (Saint Vincent And The Grenadines).
+ /ws/: This might be interesting: potential country code (Samoa).
+ /th/: This might be interesting: potential country code (Thailand).
+ /tl/: This might be interesting: potential country code (Timor-leste).
+ /tv/: This might be interesting: potential country code (Tuvalu).
+ /ug/: This might be interesting: potential country code (Uganda).
+ Scan terminated: 0 error(s) and 210 item(s) reported on remote host
+ End Time: 2024-08-13 13:29:13 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested