Web stats for Secalert - secalert.net
David Vieira-Kurz (@secalert) on security.
1.67 Rating by ClearWebStats
secalert.net is 1 decade 3 years 1 month old. This website has a #1,046,838 rank in global traffic. It has a .net as an domain extension. This domain is estimated value of $ 720.00 and has a daily earning of $ 3.00. While no active threats were reported recently by users, secalert.net is SAFE to browse.
Traffic Report of Secalert
| Daily Unique Visitors: | 460 |
| Daily Pageviews: | 920 |
Estimated Valuation
| Income Per Day: | $ 3.00 |
| Estimated Worth: | $ 720.00 |
Search Engine Indexes
| Google Indexed Pages: | Not Applicable |
| Yahoo Indexed Pages: | Not Applicable |
| Bing Indexed Pages: | Not Applicable |
Search Engine Backlinks
| Google Backlinks: | Not Applicable |
| Bing Backlinks: | Not Applicable |
| Alexa BackLinks: | Not Applicable |
Safety Information
| Google Safe Browsing: | No Risk Issues |
| Siteadvisor Rating: | Not Applicable |
| WOT Trustworthiness: | Not Applicable |
| WOT Privacy: | Not Applicable |
| WOT Child Safety: | Not Applicable |
Website Ranks & Scores
| Google Pagerank: | Not Applicable |
| Alexa Rank: | 1,046,838 |
| Domain Authority: | Not Applicable |
Google Pagerank
PR 0 out of 10
PageSpeed Score
52
Siteadvisor Rating
Not Applicable
Where is secalert.net server located?
Hosted IP Address:
78.46.124.97
Hosted Country:
DE
Location Latitude:
50.4779Location Longitude:
12.3713Social Engagement
| Facebook Shares: | Not Applicable |
| Facebook Likes: | Not Applicable |
| Facebook Comments: | Not Applicable |
| Twitter Count (Tweets): | Not Applicable |
| Linkedin Shares: | Not Applicable |
| Delicious Shares: | Not Applicable |
Page Resources Breakdown
Homepage Links Analysis
Website Inpage Analysis
| H1 Headings: | 1 | H2 Headings: | 4 |
| H3 Headings: | 40 | H4 Headings: | Not Applicable |
| H5 Headings: | Not Applicable | H6 Headings: | Not Applicable |
| Total IFRAMEs: | 1 | Total Images: | 6 |
| Google Adsense: | Not Applicable | Google Analytics: | Not Applicable |
HTTP Header Analysis
Http-Version: 1.1
Status-Code: 200
Status: 200 OK
Date: ... 16 Mar 2016 15:15:33 GMT
:
1) The Apache Tomcat Connectors: If Apache httpd and Tomcat are configured to serve content from the same filing system location then care must be taken to ensure that httpd is not able to serve inappropriate content such as the contents of the WEB-INF directory or JSP source code. This could occur if the httpd DocumentRoot overlaps with a Tomcat Host's appBase or the docBase of any Context. It could also occur when using the httpd Alias directive with a Tomcat Host's appBase or the docBase of any Context.
2) Well, let's have a look on the Apache web server handler. A "handler" is an internal Apache representation of the action to be performed when a file is called. Generally, files have implicit handlers, based on the file type. Normally, all files are simply served by the server, but certain file types are "handled" separately. If you want to handle ".jsp" files you may for example use the Apache module "mod_mime" in order to associate the requested filename's extensions with the file's behavior (handlers and filters) and content (mime-type, language, character set and encoding).
Status-Code: 200
Status: 200 OK
Date: ... 16 Mar 2016 15:15:33 GMT
:
If the http status code is followed by the date response header in the second line it usually means that it the page is using an Apache httpd as web server. In this case I assumed that an httpd is used in front of an Tomcat web server. If i am right then they could probably be using some module to dispatch the files between the httpd and the Tomcat web server which means I could potentially trick the routing to expose the source code of any ".jsp" or ".inc" files by appending specific lower ascii characters - depending on whether they are using a Connector or Handler.
Connector, Handler, File Descriptor
1) The Apache Tomcat Connectors: If Apache httpd and Tomcat are configured to serve content from the same filing system location then care must be taken to ensure that httpd is not able to serve inappropriate content such as the contents of the WEB-INF directory or JSP source code. This could occur if the httpd DocumentRoot overlaps with a Tomcat Host's appBase or the docBase of any Context. It could also occur when using the httpd Alias directive with a Tomcat Host's appBase or the docBase of any Context.
2) Well, let's have a look on the Apache web server handler. A "handler" is an internal Apache representation of the action to be performed when a file is called. Generally, files have implicit handlers, based on the file type. Normally, all files are simply served by the server, but certain file types are "handled" separately. If you want to handle ".jsp" files you may for example use the Apache module "mod_mime" in order to associate the requested filename's extensions with the file's behavior (handlers and filters) and content (mime-type, language, character set and encoding).
What will the httpd do if you try to access file which is not explicitly associated with a handler or filter? Httpd will serve the file as plain text without further actions which means that we can potentially exploit this behaviour.
Analysis
In the case of my research of this particular target system i knew from the information gathering analysis that they were handling ".jsp" files, so i assumed that they are using an Apache httpd in the front and an Tomcat or similar web server in the back end of the architecture. So i tried to append some character to the file extension like this in order to get some information by forcing the system to run in some uncaught exceptions and show up with any anormally behaviour:https://www.victim.tld/password.jsp�HTTP ERROR: 400
CVE-2007-1860: mod_jk double-decoding:
Domain Information for secalert.net
| Domain Registrar: |
UNITED-DOMAINS AG
|
|---|---|
| Registration Date: | 2011-03-28 1 decade 3 years 1 month ago |
| Last Modified: | 2016-03-29 8 years 1 month 1 hour ago |
| Expiration Date: | 2017-03-28 7 years 1 month 1 hour ago |
Domain Nameserver Information
| Host | IP Address | Country | |
|---|---|---|---|
| ns.udag.de |
|
192.174.68.8 |
 Austria
|
| ns.udag.net |
|
176.97.158.8 |
Austria
|
| ns.udag.org |
|
176.97.158.91 |
Austria
|
DNS Record Analysis
| Host | Type | TTL | Extra |
|---|---|---|---|
| secalert.net | A | 3600 |
IP:78.46.124.97 |
| secalert.net | NS | 86400 |
Target:ns.udag.net |
| secalert.net | NS | 86400 |
Target:ns.udag.org |
| secalert.net | NS | 86400 |
Target:ns.udag.de |
| secalert.net | SOA | 86400 |
MNAME:ns.udag.net RNAME:hostmaster.united-domains.de Serial:2015072401 Refresh:10800 Retry:3600 Expire:604800 |
| secalert.net | MX | 14400 |
Priority:20 Target:mx01.udag.de |
| secalert.net | MX | 14400 |
Priority:10 Target:mx00.udag.de |
| secalert.net | AAAA | 3600 |
IPV6:2a01:4f8:c17:32c0::2 |
Similarly Ranked Websites to Secalert
Boty na kolo FIVE TEN a ponožkoboty SKINNERS | ElementStore CZ
ElementStore - Pořiď si sportovní boty Five Ten, co opravdu vydrží! Boty na kolo, trekové boty, lezečky. Prodáváme, radíme, podporujeme freeride i turistiku.
1,046,839 
$ 720.00
