{"vulnerability": "cve-2016-6329", "sightings": [{"uuid": "3db2073f-5670-4881-bc87-49651e2f65c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3548", "content": "\u2521\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2529\n\u2502 192.168.0.10 \u2502 \u2502 \u2502 \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\n[Open ports]\n\u250f\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2513\n\u2503 ip \u2503 proto \u2503 port \u2503 service \u2503 product \u2503 version \u2503\n\u2521\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2529\n\u2502 192.168.0.10 \u2502 tcp \u2502 21 \u2502 ftp \u2502 ProFTPD \u2502 1.3.5 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 ssh \u2502 OpenSSH \u2502 6.6.1p1 Ubuntu 2ubuntu2.10 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 http \u2502 Apache httpd \u2502 2.4.7 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 445 \u2502 netbios-ssn \u2502 Samba smbd \u2502 3.X - 4.X \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 ipp \u2502 CUPS \u2502 1.7 \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\n[Vulnerabilities]\n\u250f\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2533\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2513\n\u2503 ip \u2503 proto \u2503 port \u2503 vuln_name \u2503 cve \u2503\n\u2521\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2547\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2529\n\u2502 192.168.0.10 \u2502 tcp \u2502 0 \u2502 TCP Timestamps Information Disclosure (https://www.kitploit.com/search/label/Information%20Disclosure) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 21 \u2502 FTP Unencrypted Cleartext Login \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak MAC Algorithm(s) Supported (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak Encryption Algorithm(s) Supported (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak Host Key Algorithm(s) (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 22 \u2502 Weak Key Exchange (KEX) Algorithm(s) Supported (SSH) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Test HTTP dangerous methods \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Drupal Core SQLi Vulnerability (SA-CORE-2014-005) - Active Check \u2502 CVE-2014-3704 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Drupal Coder RCE Vulnerability (SA-CONTRIB-2016-039) - Active Check \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Sensitive File Disclosure (HTTP) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Unprotected Web App / Device Installers (HTTP) \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Cleartext Transmission of Sensitive Information (https://www.kitploit.com/search/label/Sensitive%20Information) via HTTP \u2502 N/A \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 jQuery < 1.9.0 XSS Vulnerability \u2502 CVE-2012-6708 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 jQuery < 1.6.3 XSS Vulnerability \u2502 CVE-2011-4969 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 80 \u2502 Drupal 7.0 Information Disclosure Vulnerability - Active Check \u2502 CVE-2011-3730 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Report Vulnerable Cipher Suites for HTTPS \u2502 CVE-2016-2183 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Report Vulnerable Cipher Suites for HTTPS \u2502 CVE-2016-6329 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Report Vulnerable Cipher Suites for HTTPS \u2502 CVE-2020-12872 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection \u2502 CVE-2011-3389 \u2502\n\u2502 192.168.0.10 \u2502 tcp \u2502 631 \u2502 SSL/TLS: Deprecated TLSv1.0 and TLSv1.1 Protocol Detection \u2502 CVE-2015-0204 \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2534\u2500\u2500\u2500& #9472;\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\n[Users]", "creation_timestamp": "2024-01-08T12:19:23.000000Z"}, {"uuid": "67964f60-4468-4c94-9848-c202f3df9119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/hex4gon1/908", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T03:02:07.000000Z"}, {"uuid": "61e0ecb0-e04d-41e9-a0ad-86ad6b786486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/endsodomaofficial/7318", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T00:49:09.000000Z"}, {"uuid": "d26ff6a6-c6e8-4e04-8a98-d4b2237c2d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/jokerssec/1351", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T03:00:05.000000Z"}, {"uuid": "e548afcb-60e1-47ad-a527-c259905d70dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/fucklulzsecisrahell/6294", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T02:55:48.000000Z"}, {"uuid": "746e3031-ef96-4326-a422-f7b91020f689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/marianaalecu/3622", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T00:48:21.000000Z"}, {"uuid": "d62a81da-23f9-40d1-9eef-3b0ad5ce01a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2016-6329", "type": "seen", "source": "https://t.me/thegoodfatherag/8840", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09 -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111): --\n Service detected: HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224) not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK)\n ROBOT not vulnerable (OK)\n Secure Renegotiation (RFC 5746) supported (OK)\n Secure Client-Initiated Renegotiation not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929) not vulnerable (OK)\n BREACH (CVE-2013-3587) no gzip/deflate/compress/br HTTP compression (OK) - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566) not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)\n FREAK (CVE-2015-0204) not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)\n make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: HAProxy (2048 bits),\n but no DH EXPORT ciphers\n BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA\n HE-RSA-AES256-SHA\n CDHE-RSA-AES128-SHA\n HE-RSA-AES128-SHA\n ES256-SHA\n ES128-SHA\n VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T03:24:44.000000Z"}]}