Professional Documents
Culture Documents
ru
IP Address: 87.236.16.73
____________________________________________________________________________________
______________________________________________________________________________
// Whois Lookup //
Domain: cyber-tel.ru
Registrar: BEGET-RU
Registered On: 2021-11-16
Expires On: 2023-11-16
Name Servers: dns1.yandex.net. ;; dns2.yandex.net.
Organization: Kiber-Telekom, LLC
____________________________________________________________________________________
______________________________________________________________________________
IP Address: 87.236.16.73
HTTPServer[nginx-reuseport/1.21.1]
Site running PHP version 7.4.33
Site running Wordpress version 5.7.2
____________________________________________________________________________________
______________________________________________________________________________
// Server running //
* When hunting for directories, server mostly returns code 301 Moved Permanently and then 302 Forbidd
en (You don’t have permission to access this resource.) **
* Anyways here are all the directories I found (status codes 200 and 301/302) **
____________________________________________________________________________________
______________________________________________________________________________
____________________________________________________________________________________
______________________________________________________________________________
User-agent: *
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: */cabinet/*
Disallow: /wp-json/*
Disallow: /check-address-connect
Disallow: /navigaciya/
Disallow: /category/без-рубрики/
Disallow: /category/без-рубрики/page/2/
Disallow: /без-рубрики/тарифы-и-карточки/
Allow: /wp-admin/admin-ajax.php
Sitemap: http://cyber-tel.ru/sitemap.xml
Host: https://cyber-tel.ru/
* File enumeration was cancelled because of too many errors and avoiding to send too many packets **
*
____________________________________________________________________________________
______________________________________________________________________________
* After examining their sitemap.xml, I found a subdomain called lk which is their portal for
Personal Acco unt (Личный кабинет >> translated from russian) ***
____________________________________________________________________________________
______________________________________________________________________________
// Subdomain Enumeration //
Found: info.cyber-tel.ru (Status: 200) <<< IP Address: 87.236.16.112 <<< Can't access this URL
through browser, maybe there's something wrong with my TOR service...
Found: lk.cyber-tel.ru (Status: 200) <<< IP Address: 37.18.26.159 <<< Packet loss is 100% when
pinged ( maybe they've disabled ICMP)
____________________________________________________________________________________
______________________________________________________________________________
____________________________________________________________________________________
______________________________________________________________________________
*** Moving forward, let's see what Wordpress has to offer :) ***
// Wordpress //
* wordpress-seo-premium // (version 14.7) <<< outdated <<< latest version is 19.3 // End of
# [ VULNERABILITY DETAILS ] :
# [ Sample Request ] :
____________________________________________________________________________________
______________________________________________________________________________
*** Didn't proceed with brute-forcing or dictionary attack, just not to trigger any alarms so early ***
https://www.rapid7.com/db/vulnerabilities/debian-cve-2022-21664/
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jp3p-gw8h-6x86
____________________________________________________________________________________
___________________________
* Tested some parameters for SQL injection, but no luck. SQLmap can't do much as well, at
least on my side. ***
# Please get onto this as soon as possible, you might find something that I couldn't. Let's do this! //