{"uuid": "d5f328c9-60f2-4d69-9f4e-7e5c2b73eb56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-2808", "type": "seen", "source": "https://t.me/thegoodfatherag/8840", "content": "====== Running in file batch mode with file=\"hosts/ips.txt\" ======\n\n==========================\n/root/Tools/testssl.sh/testssl.sh --quiet --color 0 -U --warnings=batch 77.81.101.111\n\n\n Start 2024-02-14 22:13:09                -->> 77.81.101.111:443 (77.81.101.111) <<--\n\n rDNS (77.81.101.111):   --\n Service detected:       HTTP\n\n\n Testing vulnerabilities\n\n Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension\n CCS (CVE-2014-0224)                       not vulnerable (OK)\n Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)\n ROBOT                                     not vulnerable (OK)\n Secure Renegotiation (RFC 5746)           supported (OK)\n Secure Client-Initiated Renegotiation     not vulnerable (OK)\n CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)\n BREACH (CVE-2013-3587)                    no gzip/deflate/compress/br HTTP compression (OK)  - only supplied \"/\" tested\n POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)\n TLS_FALLBACK_SCSV (RFC 7507)              Downgrade attack prevention supported (OK)\n SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)\n FREAK (CVE-2015-0204)                     not vulnerable (OK)\n DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)\n                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services, see\n                                           https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=84359F27151AC6F21A23D865CCD523FADB0B99CE8E33878E67081E5BFF1D759C\n LOGJAM (CVE-2015-4000), experimental      common prime with 2048 bits detected: HAProxy (2048 bits),\n                                           but no DH EXPORT ciphers\n BEAST (CVE-2011-3389)                     TLS1: ECDHE-RSA-AES256-SHA\n                                                 HE-RSA-AES256-SHA\n                                                 CDHE-RSA-AES128-SHA\n                                                 HE-RSA-AES128-SHA\n                                                 ES256-SHA\n                                                 ES128-SHA\n                                           VULNERABLE -- but also supports higher protocols  TLSv1.1 TLSv1.2 (likely mitigated)\n LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches\n Winshock (CVE-2014-6321), experimental    not vulnerable (OK)\n RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)\n\n\n Done 2024-02-14 22:15:15 [ 152s] -->> 77.81.101.111:443 (77.81.101.111) <<--\n\nYou got fucked RealitateaTV MOSSAD ISIS, Zionist Bastard \ud83d\ude01", "creation_timestamp": "2024-02-15T03:24:44.000000Z"}