Host 49.235.171.158
China
Software information
Apache 2.4.29
tcp/8088
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2024-05-24 17:03
Last seen 2024-11-24 00:32
Open for 183 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c81c345f781c345f7f860bff9df08159ad3cd527a0e094084Found 32 files trough .DS_Store spidering: /assets /Dockerfile /footer.php /header.php /inc /index.php /install.php /LICENSE /pkxss /README.md /test /test/phpinfo.txt /test/ser.php /test/test.php /test/yijuhua.txt /vul /vul/burteforce /vul/csrf /vul/dir /vul/fileinclude /vul/infoleak /vul/overpermission /vul/rce /vul/sqli /vul/ssrf /vul/unsafedownload /vul/unsafeupload /vul/unserilization /vul/urlredirect /vul/xss /vul/xxe /wiki
Found on 2024-11-24 00:32 -
Severity: medium
Fingerprint: 5f32cf5d6962f09c2acf29aa2acf29aa3eaf00a630863e6b0e3c85a9638b60a6Found 33 files trough .DS_Store spidering: /assets /Dockerfile /footer.php /header.php /inc /index.php /install.php /LICENSE /pkxss /README.md /test /test/phpinfo.txt /test/ser.php /test/test.php /test/yijuhua.txt /vul /vul/burteforce /vul/csrf /vul/dir /vul/fileinclude /vul/infoleak /vul/overpermission /vul/rce /vul/sqli /vul/ssrf /vul/unsafedownload /vul/unsafeupload /vul/unserilization /vul/urlredirect /vul/xss /vul/xxe /wiki /wiki/image
Found on 2024-11-18 00:15 -
Severity: low
Fingerprint: 5f32cf5d6962f09cccdd54a0ccdd54a06e009db06be21de16b64da334d6fd5e1Found 13 files trough .DS_Store spidering: /assets /Dockerfile /footer.php /header.php /inc /index.php /install.php /LICENSE /pkxss /README.md /test /vul /wiki
Found on 2024-10-27 22:02 -
Severity: low
Fingerprint: 5f32cf5d6962f09c31c2f0b631c2f0b6ccb0999200993107cfab41b57795d39aFound 28 files trough .DS_Store spidering: /assets /Dockerfile /footer.php /header.php /inc /index.php /install.php /LICENSE /pkxss /README.md /test /vul /vul/burteforce /vul/csrf /vul/dir /vul/fileinclude /vul/infoleak /vul/overpermission /vul/rce /vul/sqli /vul/ssrf /vul/unsafedownload /vul/unsafeupload /vul/unserilization /vul/urlredirect /vul/xss /vul/xxe /wiki
Found on 2024-10-09 21:40
-
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.First seen 2024-05-24 17:03
Last seen 2024-11-24 00:32
Open for 183 days-
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227e39608d[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/zhuifengshaonianhanlu/pikachu.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Found on 2024-11-24 00:32277 Bytes
-
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.First seen 2024-04-23 20:09-
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65227e39608d[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/zhuifengshaonianhanlu/pikachu.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Found on 2024-04-23 20:09277 Bytes
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2024-04-23 20:09-
Severity: medium
Fingerprint: 5f32cf5d6962f09c2acf29aa2acf29aa3eaf00a630863e6b0e3c85a9638b60a6Found 33 files trough .DS_Store spidering: /assets /Dockerfile /footer.php /header.php /inc /index.php /install.php /LICENSE /pkxss /README.md /test /test/phpinfo.txt /test/ser.php /test/test.php /test/yijuhua.txt /vul /vul/burteforce /vul/csrf /vul/dir /vul/fileinclude /vul/infoleak /vul/overpermission /vul/rce /vul/sqli /vul/ssrf /vul/unsafedownload /vul/unsafeupload /vul/unserilization /vul/urlredirect /vul/xss /vul/xxe /wiki /wiki/image
Found on 2024-04-23 20:09
-
-
Open service 49.235.171.158:8088
2024-11-18 00:15
HTTP/1.1 200 OK Date: Mon, 18 Nov 2024 00:15:06 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=i0sdlj1cjbpn24q6uglaf8523s; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-11-18 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-11-17 23:28
HTTP/1.1 200 OK Date: Sun, 17 Nov 2024 23:28:13 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=rtokvu1ke94dqk0i5opa5p7i6u; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-11-17 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-11-02 02:00
HTTP/1.1 200 OK Date: Sat, 02 Nov 2024 02:00:13 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=mb5iaf571cv7php5tesf74646t; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-11-02 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-11-02 01:37
HTTP/1.1 200 OK Date: Sat, 02 Nov 2024 01:37:38 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=n9n78bigpja055dacrrvc48eur; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-11-02 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-31 23:47
HTTP/1.1 200 OK Date: Thu, 31 Oct 2024 23:47:14 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=1hd9221pfgc4l489dl6j0ha712; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-31 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-31 22:46
HTTP/1.1 200 OK Date: Thu, 31 Oct 2024 22:46:56 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=3dipdj1im49o4knr7a5mt1buh3; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-31 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-21 23:18
HTTP/1.1 200 OK Date: Mon, 21 Oct 2024 23:18:12 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=ukrk362opvett3h6cu6q2vdk2m; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-21 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-21 21:34
HTTP/1.1 200 OK Date: Mon, 21 Oct 2024 21:34:36 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=25jj3oosghv3m4rdsog51s6bue; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-21 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-19 21:38
HTTP/1.1 200 OK Date: Sat, 19 Oct 2024 21:38:06 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=57m0cqrh308gbrc86bbi9d56u2; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-19 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-17 22:21
HTTP/1.1 200 OK Date: Thu, 17 Oct 2024 22:21:09 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=83ej12igfdbm1fc1ftv499ihku; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-17 by HttpPluginCreate report
-
Open service 49.235.171.158:8088
2024-10-17 21:11
HTTP/1.1 200 OK Date: Thu, 17 Oct 2024 21:11:14 GMT Server: Apache/2.4.29 (Ubuntu) Set-Cookie: PHPSESSID=fdo2o14csppqptst98t3oarn0p; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=utf-8
Found 2024-10-17 by HttpPluginCreate report