https://www.cannapower.be/faq.html#SD00u
Known vulnerabilities (CVE)
https://www.cannapower.be/faq.html
Component Version CVE details
jquery 1.7.2
Found in: https://www.cannapower.be/jquery-1.7.2.min.js
Severity Summary Proof
Medium Selector interpreted as HTML CVE-2012-6708
Medium 3rd party CORS request may execute CVE-2015-9251
Medium jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution CVE-2019-11358
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11022
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11023
jquery 1.12.4
Found in: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3
Severity Summary Proof
Medium 3rd party CORS request may execute CVE-2015-9251
Medium parseHTML() executes scripts in event handlers CVE-2015-9251
Medium jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution CVE-2019-11358
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11022
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11023
moment.js 2.24.0
Found in: https://ipleak.net/static/js/moment-with-locales.min.js
Severity Summary Proof
High This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale. CVE-2022-24785
High Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4 CVE-2022-31129
PTK report:
www.cannapower.be
[Penetration Testing Kit]
Technology stack
Name Version
Nginx
Google Cloud
Cloudflare
Cloudflare Bot Management
Google Analytics
Google Cloud CDN
HSTS
HTTP/3
OWASP Secure Headers
Header Name Description
X-Content-Type-Options X-Content-Type-Options header not found or it has wrong value
HSTS Strict-Transport-Security header not found
X-Frame-Options X-Frame-Options header is deprecated
X-XSS-Protection X-XSS-Protection header is deprecated
WAF / CDN
Name Version
Cloudflare (Cloudflare Inc.)
FortiWeb (Fortinet)
Authentication and storage
Cookie
Name Value HttpOnly
.bit.ly
_bit n4nhca-9ac14f3e503fc7e534-00B false
.nordvpn.com
__cf_bm 1zarrY9k4KrUWCFOphgj7FbIxURMNM70edlQMpJ0Krs-1684861936-0-AQ4abUobRabmaP0CzahDMubL4yXUpe7PVE9txur1QmM5tugeMPA2Cm5JPFnXjf5O/HBSXh5uP99E0D22wkNsd/0= true
_ga GA1.1.509874076.1684861933 false
_ga_LEXMJ1N516 GS1.1.1684861932.1.1.1684861932.0.0.0 false
aff_id 54724 false
aff_transaction_id 102826dd4db7f9ecf1adf1f9e60036 false
CurrentSession source%3Daff54724%26campaign%3Doff306%26medium%3Daffiliate%26term%3Dc-be%26content%3Dc-be%26hostname%3Dnordvpn.com%26date%3D20230523%26query%3Daff_click_id%3E102ca5cfa0c47016ca267e8de0c335 false
experiment false
experiment_global false
experiment_local DbJoH.2 false
FirstSession source%3Daff54724%26campaign%3Doff306%26medium%3Daffiliate%26term%3Dc-be%26content%3Dc-be%26hostname%3Dnordvpn.com%26date%3D20230523%26query%3Daff_click_id%3E102ca5cfa0c47016ca267e8de0c335 false
font-css-en true false
locale de false
nc 1684896696495 false
nci 13 false
nextbid 97eded23-99c3-4eae-b8af-134129deeb30 false
nordvpn_aff_id 54724 false
nordvpn_aff_transaction_id 102826dd4db7f9ecf1adf1f9e60036 false
go.nordvpn.net
enc_aff_session_306 ENC03f49d0551c20d98a9eb711c125e9bd901e5ca69dd9fb84e27905d24b97ca118b51cc0501df9e68d9693ff95beb829ca7da3e7af710f3ec1da3c3ae7eb0a673f3305620339894339f53b7588d4828d3e8c564c3c3b3872f6d0ed01b45cc0bca77553d2fe0bd65b79aff033173a6829db3f7e3eef78d989e45e1f993b4c472b681207e58881 false
ho_mob eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTMuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDkuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMTMuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLGVuLVVTO3E9MC43LGVuO3E9MC4zIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 false
Known vulnerabilities (CVE)
Component Version CVE details
jquery 1.7.2
Found in: https://www.cannapower.be/jquery-1.7.2.min.js
Severity Summary Proof
Medium Selector interpreted as HTML CVE-2012-6708
Medium 3rd party CORS request may execute CVE-2015-9251
Medium jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution CVE-2019-11358
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11022
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11023
jquery 1.12.4
Found in: https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3
Severity Summary Proof
Medium 3rd party CORS request may execute CVE-2015-9251
Medium parseHTML() executes scripts in event handlers CVE-2015-9251
Medium jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution CVE-2019-11358
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11022
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS CVE-2020-11023
moment.js 2.24.0
Found in: https://ipleak.net/static/js/moment-with-locales.min.js
Severity Summary Proof
High This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale. CVE-2022-24785
High Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4 CVE-2022-31129
R-Attacker
20
Attacks
2
Findings
2
Low
0
Medium
0
High
https://www.cannapower.be/faq.html
Attack: Missing Content-Security-Policy header
GET https://www.cannapower.be/faq.html HTTP/1.1
Host: www.cannapower.be
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cannapower.be/links.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
sec-ch-ua-platform: "Linux"
sec-ch-ua: "Google Chrome";v="107", "Chromium";v="107", "Not=A?Brand";v="24"
sec-ch-ua-mobile: ?0
Cache-Control: no-cache
HTTP/2.0 200 OK
date: Tue, 23 May 2023 17:13:39 GMT
content-type: text/html
last-modified: Wed, 27 Oct 2021 07:15:03 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdBSdWc8AyeEbWyXIxkDAfUiBvkOGOyA9zQBWZCTz0qjVb2OlE1EsMinKr5EgdNtudeerwrG8d4jVtkpyL1CNQC77tsoD82IiI%2Bt9E4VWyi7PAQ6OOxVkLQ0C6TpQZaIZUzGQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cbeee44a930b8b2-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2halt der alte Saugstuben Banner <3
1 Like
domain ist umgezogen
Registrar:
Name: Dynadot LLC
Website: http://www.dynadot.com
Das war wohl nix, cannapower.be ist weiterhin online. Gerade so, als wĂ€re nie etwas gewesenâŠ
Das war auch fast zu erwarten, da der Klon anscheinend sehr gut organisiert ist ! Die Site fĂŒr immer vom Netz zu nehmen, scheint auch sehr aufwendig und arbeitsintensiv. Da macht sich ein echter Experte fĂŒr 2K Euronen nicht die Finger fĂŒr dreckig!
Vielleicht hÀtte es jemand gemacht, wenn man den Lohn erhöht hÀtte, mit der Zeit. Ich denke, dass dieses Geld auch vorhanden ist, bei den Canna-Betreibern. Schon irgendwie komisch, dass es im Umfeld von CannaPower niemanden direkt gibt, der die Aufgabe bewÀltigen könnte und auch Willens dazu ist?!? 
