stain-surakarta.ac.id sudah up lagi..

Malam ini iseng-iseng setelah selesaikan pekerjaan dan mencari sabetan install laptop, coba untuk berterbangan di dunia maya alias surping {berburu yg syur2 kalau kepingin.. halagh.. }. mulai dari fb sampai beberapa situs lain..

Tiba-tiba teringat untuk coba ngecek website kampus, aha.. sudah up lagi ternyata.. padahal beberapa hari yang lalu sempat tak rasani.. 😉

Tapi sama sekali tak ada yg berubah. tak sesuai dengan infonya si agen budi {kill him now!!} haha… entah, hole sampai vurln nya masih sama.. tetap open.. bahkan kalau mau masih sempat untuk bisa poto2 di dalamnya..

Tapi sudahlah.. sekarang saatnya ambil skrinsut buat kenang-kenangan siapa tahu besok gantian ngga kuat bayar pajak listrik.. 😛

please admin.. update this site.. informasinya sudah terlalu uzur.. kalau tak salah update terakhir adalah Oktober. jangan karena terlalu banyak proyek lalu anda bisa melupakan tanggung jawab… 😉
dan berikut hasil scan menggunakan nikto,

- Nikto v2.1.0/2.1.0
--------------------------------------------------------------------------
+ Target IP: 202.43.186.166
+ Target Hostname: www.stain-surakarta.ac.id
+ Target Port: 80
+ Start Time: 2009-11-18 2:05:02
--------------------------------------------------------------------------
+ Server: Apache/2.2.4 (Unix) PHP/5.2.0
+ OSVDB-0: Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-0: DEBUG HTTP verb may show server debugging information
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-0: Apache/2.2.4 appears to be outdated (current is at least Apache/2.2.14). Apache 1.3.41 and 2.0.63 are also current.
+ OSVDB-0: PHP/5.2.0 appears to be outdated (current is at least 5.2.8)
+ OSVDB-0: Non-standard header keep-alive returned by server, with contents: timeout=5, max=100
+ OSVDB-0: Non-standard header x-powered-by returned by server, with contents: PHP/5.2.0
+ OSVDB-8450: /phpMyAdmin/db_details_importdocsql.php?submit_show=true&do=import&docpath=../: phpMyAdmin allows directory listings remotely. Upgrade to version 2.5.3 or higher. http://www.securityfocus.com/bid/7963.
+ OSVDB-13405: /WS_FTP.LOG: WS_FTP.LOG file was found. It may contain sensitive information.
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3092: /download/: This might be interesting...
+ OSVDB-3092: /error_log: This might be interesting...
+ OSVDB-3092: /img/: This may be interesting...
+ OSVDB-3092: /new/: This might be interesting...
+ OSVDB-3092: /phpMyAdmin/: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ OSVDB-3092: /template/: This may be interesting as the directory may hold sensitive files or reveal system information.
+ OSVDB-3093: /webmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ OSVDB-3268: /images/: Directory indexing is enabled: /images
+ 3582 items checked: 19 item(s) reported on remote host
+ End Time: 2009-11-18 2:17:02 (706 seconds)
--------------------------------------------------------------------------

Hell Sh*t!!

6 thoughts on “stain-surakarta.ac.id sudah up lagi..”

Tinggalkan Balasan