Re: [RELEASE] Exorcist Online Server ( เอ็กโซซิส ออนไลน์ )
All subdomains and the site POODLE vulnerability))))))) i test now))))
Websites that support SSLv3 and CBC-mode ciphers are potentially vulnerable to an active MITM (Man-in-the-middle) attack. This attack, called POODLE, is similar to the BEAST attack and also allows a network attacker to extract the plaintext of targeted parts of an SSL connection, usually cookie data. Unlike the BEAST attack, it doesn't require such extensive control of the format of the plaintext and thus is more practical.
Any website that supports SSLv3 is vulnerable to POODLE, even if it also supports more recent versions of TLS. SSLv3 will be disabled by default in Firefox 34, which will be released on Nov 25 2014.
And nginx SPDY heap buffer overflow
A heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request. The problem affects nginx compiled with the ngx_http_spdy_module module (which is not compiled by default) and without --with-debug configure option, if the "spdy" option of the "listen" directive is used in a configuration file.
add^
A SSL3 server is running on TCP port 443.
SSL server information:
Version: SSL2,SSL3,TLS1
Ciphers suported:
- SSL3_CK_RSA_DES_192_CBC3_SHA(OpenSSL ciphername: DES-CBC3-SHA, Protocol version: SSLv3, Key Exchange: RSA, Autentication: RSA, Symmetric encryption method: 3DES(168), Message authentication code: SHA1) - High strength
- SSL3_CK_EDH_RSA_DES_192_CBC3_SHA(OpenSSL ciphername: EDH-RSA-DES-CBC3-SHA, Protocol version: SSLv3, Key Exchange: DH, Autentication: RSA, Symmetric encryption method: 3DES(168), Message authentication code: SHA1) - High strength
Certificate 1:
Issuer:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Organizational Unit Name:
You must be registered to see links
Common Name: Go Daddy Secure Certificate Authority - G2
Recipient:
Organizational Unit Name: Domain Control Validated
Common Name: apps.koramgame.com
Certificate version: 2
Serial number: 0427a5d5d8b48c
Finger print: c22aafa6ae3c88ebb75cb30dda81f755
Algorithm ID: 1.2.840.113549.1.1.11
Valability start: Thu Aug 14 06:21:06 UTC+0400 2014
Valability end: Wed Sep 9 09:03:15 UTC+0400 2015
Expire in: 264 days
Certificate 2:
Issuer:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Common Name: Go Daddy Root Certificate Authority - G2
Recipient:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Organizational Unit Name:
You must be registered to see links
Common Name: Go Daddy Secure Certificate Authority - G2
Certificate version: 2
Serial number: 07
Finger print: 9f72f95204e047196fc9f5aee1264bdd
Algorithm ID: 1.2.840.113549.1.1.11
Valability start: Tue May 3 11:00:00 UTC+0400 2011
Valability end: Sat May 3 11:00:00 UTC+0400 2031
Expire in: 5979 days
Certificate 3:
Issuer:
Country Name: US
Organization Name: The Go Daddy Group, Inc.
Organizational Unit Name: Go Daddy Class 2 Certification Authority
Recipient:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Common Name: Go Daddy Root Certificate Authority - G2
Certificate version: 2
Serial number: 1be715
Finger print: 10019e21afd5c96cabb0c16e218adbfd
Algorithm ID: 1.2.840.113549.1.1.11
Valability start: Wed Jan 1 11:00:00 UTC+0400 2014
Valability end: Fri May 30 11:00:00 UTC+0400 2031
Expire in: 6006 days
Certificate 4:
Issuer:
Country Name: US
Organization Name: The Go Daddy Group, Inc.
Organizational Unit Name: Go Daddy Class 2 Certification Authority
Recipient:
Country Name: US
Organization Name: The Go Daddy Group, Inc.
Organizational Unit Name: Go Daddy Class 2 Certification Authority
Certificate version: 2
Serial number: 00
Finger print: 78cd211761d29211151794eef316be2b
Algorithm ID: 1.2.840.113549.1.1.5
Valability start: Tue Jun 29 21:06:20 UTC+0400 2004
Valability end: Thu Jun 29 21:06:20 UTC+0400 2034
Expire in: 7132 days
A TLS1 server is running on TCP port 443.
SSL server information:
Version: SSL2,SSL3,TLS1
Ciphers suported:
- TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA(OpenSSL ciphername: DES-CBC3-SHA, Protocol version: TLSv1, Key Exchange: RSA, Autentication: RSA, Symmetric encryption method: 3DES(168), Message authentication code: SHA1) - High strength
- TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA(OpenSSL ciphername: EDH-RSA-DES-CBC3-SHA, Protocol version: TLSv1, Key Exchange: DH, Autentication: RSA, Symmetric encryption method: 3DES(168), Message authentication code: SHA1) - High strength
- TLS1_CK_RSA_WITH_AES_128_CBC_SHA(OpenSSL ciphername: AES128-SHA, Protocol version: TLSv1, Key Exchange: RSA, Autentication: RSA, Symmetric encryption method: AES(128), Message authentication code: SHA1) - High strength
- TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA(OpenSSL ciphername: DHE-RSA-AES128-SHA, Protocol version: TLSv1, Key Exchange: DH, Autentication: RSA, Symmetric encryption method: AES(128), Message authentication code: SHA1) - High strength
- TLS1_CK_RSA_WITH_AES_256_CBC_SHA(OpenSSL ciphername: AES256-SHA, Protocol version: TLSv1, Key Exchange: RSA, Autentication: RSA, Symmetric encryption method: AES(256), Message authentication code: SHA1) - High strength
- TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA(OpenSSL ciphername: DHE-RSA-AES256-SHA, Protocol version: TLSv1, Key Exchange: DH, Autentication: RSA, Symmetric encryption method: AES(256), Message authentication code: SHA1) - High strength
- TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA(OpenSSL ciphername: n/a, Protocol version: TLSv1, Key Exchange: RSA, Autentication: RSA, Symmetric encryption method: Camellia(128), Message authentication code: SHA1) - High strength
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA(OpenSSL ciphername: n/a, Protocol version: TLSv1, Key Exchange: DH, Autentication: RSA, Symmetric encryption method: Camellia(128), Message authentication code: SHA1) - High strength
- TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA(OpenSSL ciphername: n/a, Protocol version: TLSv1, Key Exchange: RSA, Autentication: RSA, Symmetric encryption method: Camellia(256), Message authentication code: SHA1) - High strength
- TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA(OpenSSL ciphername: n/a, Protocol version: TLSv1, Key Exchange: DH, Autentication: RSA, Symmetric encryption method: Camellia(256), Message authentication code: SHA1) - High strength
Certificate 1:
Issuer:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Organizational Unit Name:
You must be registered to see links
Common Name: Go Daddy Secure Certificate Authority - G2
Recipient:
Organizational Unit Name: Domain Control Validated
Common Name: apps.koramgame.com
Certificate version: 2
Serial number: 0427a5d5d8b48c
Finger print: c22aafa6ae3c88ebb75cb30dda81f755
Algorithm ID: 1.2.840.113549.1.1.11
Valability start: Thu Aug 14 06:21:06 UTC+0400 2014
Valability end: Wed Sep 9 09:03:15 UTC+0400 2015
Expire in: 264 days
Certificate 2:
Issuer:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Common Name: Go Daddy Root Certificate Authority - G2
Recipient:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Organizational Unit Name:
You must be registered to see links
Common Name: Go Daddy Secure Certificate Authority - G2
Certificate version: 2
Serial number: 07
Finger print: 9f72f95204e047196fc9f5aee1264bdd
Algorithm ID: 1.2.840.113549.1.1.11
Valability start: Tue May 3 11:00:00 UTC+0400 2011
Valability end: Sat May 3 11:00:00 UTC+0400 2031
Expire in: 5979 days
Certificate 3:
Issuer:
Country Name: US
Organization Name: The Go Daddy Group, Inc.
Organizational Unit Name: Go Daddy Class 2 Certification Authority
Recipient:
Country Name: US
State Or Province Name: Arizona
Locality Name: Scottsdale
Organization Name: GoDaddy.com, Inc.
Common Name: Go Daddy Root Certificate Authority - G2
Certificate version: 2
Serial number: 1be715
Finger print: 10019e21afd5c96cabb0c16e218adbfd
Algorithm ID: 1.2.840.113549.1.1.11
Valability start: Wed Jan 1 11:00:00 UTC+0400 2014
Valability end: Fri May 30 11:00:00 UTC+0400 2031
Expire in: 6006 days
Certificate 4:
Issuer:
Country Name: US
Organization Name: The Go Daddy Group, Inc.
Organizational Unit Name: Go Daddy Class 2 Certification Authority
Recipient:
Country Name: US
Organization Name: The Go Daddy Group, Inc.
Organizational Unit Name: Go Daddy Class 2 Certification Authority
Certificate version: 2
Serial number: 00
Finger print: 78cd211761d29211151794eef316be2b
Algorithm ID: 1.2.840.113549.1.1.5
Valability start: Tue Jun 29 21:06:20 UTC+0400 2004
Valability end: Thu Jun 29 21:06:20 UTC+0400 2034
Expire in: 7132 days