CannaPower bietet 2.000 EUR Kopfgeld: Diese Seite muss vom Netz!

Kommentare
21 

https://www.cannapower.be/faq.html#SD00u
Known vulnerabilities (CVE)
https://www.cannapower.be/faq.html
Component	Version	CVE details
jquery	1.7.2	
Found in: https://www.cannapower.be/jquery-1.7.2.min.js
Severity	Summary	Proof
Medium	Selector interpreted as HTML	CVE-2012-6708
Medium	3rd party CORS request may execute	CVE-2015-9251
Medium	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution	CVE-2019-11358
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11022
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11023
jquery	1.12.4	
Found in: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3
Severity	Summary	Proof
Medium	3rd party CORS request may execute	CVE-2015-9251
Medium	parseHTML() executes scripts in event handlers	CVE-2015-9251
Medium	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution	CVE-2019-11358
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11022
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11023
moment.js	2.24.0	
Found in: https://ipleak.net/static/js/moment-with-locales.min.js
Severity	Summary	Proof
High	This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.	CVE-2022-24785
High	Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4	CVE-2022-31129



PTK report:
www.cannapower.be
[Penetration Testing Kit]
Technology stack
Name	Version
Nginx	
Google Cloud	
Cloudflare	
Cloudflare Bot Management	
Google Analytics	
Google Cloud CDN	
HSTS	
HTTP/3	
OWASP Secure Headers
Header Name	Description
X-Content-Type-Options	X-Content-Type-Options header not found or it has wrong value
HSTS	Strict-Transport-Security header not found
X-Frame-Options	X-Frame-Options header is deprecated
X-XSS-Protection	X-XSS-Protection header is deprecated
WAF / CDN
Name	Version
Cloudflare (Cloudflare Inc.)	
FortiWeb (Fortinet)	
Authentication and storage
Cookie
Name	Value	HttpOnly
.bit.ly
_bit	n4nhca-9ac14f3e503fc7e534-00B	false
.nordvpn.com
__cf_bm	1zarrY9k4KrUWCFOphgj7FbIxURMNM70edlQMpJ0Krs-1684861936-0-AQ4abUobRabmaP0CzahDMubL4yXUpe7PVE9txur1QmM5tugeMPA2Cm5JPFnXjf5O/HBSXh5uP99E0D22wkNsd/0=	true
_ga	GA1.1.509874076.1684861933	false
_ga_LEXMJ1N516	GS1.1.1684861932.1.1.1684861932.0.0.0	false
aff_id	54724	false
aff_transaction_id	102826dd4db7f9ecf1adf1f9e60036	false
CurrentSession	source%3Daff54724%26campaign%3Doff306%26medium%3Daffiliate%26term%3Dc-be%26content%3Dc-be%26hostname%3Dnordvpn.com%26date%3D20230523%26query%3Daff_click_id%3E102ca5cfa0c47016ca267e8de0c335	false
experiment		false
experiment_global		false
experiment_local	DbJoH.2	false
FirstSession	source%3Daff54724%26campaign%3Doff306%26medium%3Daffiliate%26term%3Dc-be%26content%3Dc-be%26hostname%3Dnordvpn.com%26date%3D20230523%26query%3Daff_click_id%3E102ca5cfa0c47016ca267e8de0c335	false
font-css-en	true	false
locale	de	false
nc	1684896696495	false
nci	13	false
nextbid	97eded23-99c3-4eae-b8af-134129deeb30	false
nordvpn_aff_id	54724	false
nordvpn_aff_transaction_id	102826dd4db7f9ecf1adf1f9e60036	false
go.nordvpn.net
enc_aff_session_306	ENC03f49d0551c20d98a9eb711c125e9bd901e5ca69dd9fb84e27905d24b97ca118b51cc0501df9e68d9693ff95beb829ca7da3e7af710f3ec1da3c3ae7eb0a673f3305620339894339f53b7588d4828d3e8c564c3c3b3872f6d0ed01b45cc0bca77553d2fe0bd65b79aff033173a6829db3f7e3eef78d989e45e1f993b4c472b681207e58881	false
ho_mob	eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTMuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDkuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMTMuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLGVuLVVTO3E9MC43LGVuO3E9MC4zIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9	false
Known vulnerabilities (CVE)
Component	Version	CVE details
jquery	1.7.2	
Found in: https://www.cannapower.be/jquery-1.7.2.min.js
Severity	Summary	Proof
Medium	Selector interpreted as HTML	CVE-2012-6708
Medium	3rd party CORS request may execute	CVE-2015-9251
Medium	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution	CVE-2019-11358
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11022
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11023
jquery	1.12.4	
Found in: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3
Severity	Summary	Proof
Medium	3rd party CORS request may execute	CVE-2015-9251
Medium	parseHTML() executes scripts in event handlers	CVE-2015-9251
Medium	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution	CVE-2019-11358
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11022
Medium	Regex in its jQuery.htmlPrefilter sometimes may introduce XSS	CVE-2020-11023
moment.js	2.24.0	
Found in: https://ipleak.net/static/js/moment-with-locales.min.js
Severity	Summary	Proof
High	This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.	CVE-2022-24785
High	Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4	CVE-2022-31129
R-Attacker
20
Attacks
2
Findings
2
Low
0
Medium
0
High
https://www.cannapower.be/faq.html

Attack: Missing Content-Security-Policy header
GET https://www.cannapower.be/faq.html HTTP/1.1
Host: www.cannapower.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cannapower.be/links.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
sec-ch-ua-platform: "Linux"
sec-ch-ua: "Google Chrome";v="107", "Chromium";v="107", "Not=A?Brand";v="24"
sec-ch-ua-mobile: ?0
Cache-Control: no-cache
HTTP/2.0 200 OK
date: Tue, 23 May 2023 17:13:39 GMT
content-type: text/html
last-modified: Wed, 27 Oct 2021 07:15:03 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdBSdWc8AyeEbWyXIxkDAfUiBvkOGOyA9zQBWZCTz0qjVb2OlE1EsMinKr5EgdNtudeerwrG8d4jVtkpyL1CNQC77tsoD82IiI%2Bt9E4VWyi7PAQ6OOxVkLQ0C6TpQZaIZUzGQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbeee44a930b8b2-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
22

halt der alte Saugstuben Banner <3

1 „Gefällt mir“
23

domain ist umgezogen
Registrar:
Name: Dynadot LLC
Website: http://www.dynadot.com

24

Das war wohl nix, cannapower.be ist weiterhin online. Gerade so, als wäre nie etwas gewesen…

25

Das war auch fast zu erwarten, da der Klon anscheinend sehr gut organisiert ist ! Die Site für immer vom Netz zu nehmen, scheint auch sehr aufwendig und arbeitsintensiv. Da macht sich ein echter Experte für 2K Euronen nicht die Finger für dreckig!
Vielleicht hätte es jemand gemacht, wenn man den Lohn erhöht hätte, mit der Zeit. Ich denke, dass dieses Geld auch vorhanden ist, bei den Canna-Betreibern. Schon irgendwie komisch, dass es im Umfeld von CannaPower niemanden direkt gibt, der die Aufgabe bewältigen könnte und auch Willens dazu ist?!? :thinking: