BB-OSINT-IOC-DB
#1
This is a thread where we can leave lists of domains, DNS zones and IP addresses that do not belong directly to any one thread, but which the Bezbedan Balkan OSINT Agregator will use for cross-referencing and analysis.

For example, in the thread "portal.eps.rs ne radi ceo dan" ("portal.eps.rs has been down all day") we came to information that the company possibly responsible for this problem is nites.rs.
The lists of this company's known domains can be seen here: https://securitytrails.com/list/apex_domain/nites.rs. If we add the current DNS A zone to that, we get the following list:

“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
#2
Good grief, when I see the names of these subdomains... I'm afraid to look at anything, who knows what will pop up...
https://www.shodan.io/host/79.101.38.237

They might as well have put the application versions in the record too, lol
#3
And on top of that they put everything into a single SSL certificate https://crt.sh/?id=11206177149, enumeration has never been easier. If these people have anyone at all from the infosec field on the payroll, I'm Donald Duck.
#4
Just leaving a note that our tool has caught this so far (hbdev.nites.rs):

[Image: attachment.php?aid=1781]
#5
Domains for EMS: https://securitytrails.com/list/apex_domain/ems.rs + DIG A
