Skip to content

Instantly share code, notes, and snippets.

@afuggini

afuggini/clarin-phase4-scan.md

Created February 9, 2026 18:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save afuggini/5480740ff2e19fafbcf179fb80e147e5 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save afuggini/5480740ff2e19fafbcf179fb80e147e5 to your computer and use it in GitHub Desktop.
Download ZIP
clarin.com Phase 4 Security Scan - Feb 2026
Raw
clarin-phase4-scan.md

🎯 clarin.com - Phase 4 Security Scan

Date: 2026-02-09 18:15 UTC
Scanner: Bounty Hunt CLI v4.0 (Phase 4)
Target: https://www.clarin.com

πŸ“Š Executive Summary

Metric Result
Overall Risk Score 75/100 (High) πŸ”΄
Critical Issues 2
High Issues 1
Medium Issues 1
Low Issues 1

🚨 Critical Findings

1. Dangerous HTTP Methods Enabled

Severity: CRITICAL πŸ”΄
Risk Score: 100/100

Method Status Severity Impact
PUT βœ… Allowed CRITICAL Allows uploading/modifying files on server
DELETE βœ… Allowed CRITICAL Allows deleting resources on server
CONNECT βœ… Allowed HIGH Allows tunneling (proxy abuse)
PATCH βœ… Allowed MEDIUM Allows patching resources

All Allowed Methods: DELETE, OPTIONS, PUT, PATCH, GET, CONNECT, HEAD

Recommendation: Disable PUT, DELETE, CONNECT, and PATCH methods on production web servers. Only allow GET, HEAD, POST, and OPTIONS.

πŸ” Endpoint Discovery

Metric Value
Endpoints Found 8
Hidden/Sensitive 5
Risk Score High

Discovered Endpoints

URL Status Notes
/login 200 Login page
/videos 200 Video section
/wp-login 200 WordPress login (interesting for news site)
/.env 403 Blocked (good)
/.git 403 Blocked (good)
/.svn 403 Blocked (good)
/.hg 403 Blocked (good)
/phpinfo.php 403 Blocked (good)

Positive: Sensitive files (.env, .git, etc.) return 403 Forbidden

πŸ“œ JavaScript Analysis

Metric Value
JS Files Scanned 20
Endpoints Extracted 8
API References Found

Extracted Endpoints: FCCDCF, code, state, content-type, api

πŸ“§ Email Security

Check Status
SPF Record βœ… Valid
DKIM ⚠️ Not detected
DMARC ⚠️ Not detected
Risk Score 15 (Low)

πŸͺ Cookie Security

Metric Value
Cookies Set 1
Security Issues 0
Risk Score 0

πŸ”“ Serialization Testing

Metric Value
Formats Detected 0
Vulnerabilities 0
Risk Score 0

☁️ Cloud Storage

Metric Value
Buckets Found 0
Exposed Buckets 0

πŸ”‘ API Key Detection

Metric Value
JS Files Scanned Multiple
Credentials Found 0

πŸ›‘οΈ Security Posture Summary

Vulnerabilities Found

# Issue Severity Status
1 PUT method enabled CRITICAL ⚠️ Needs Fix
2 DELETE method enabled CRITICAL ⚠️ Needs Fix
3 CONNECT method enabled HIGH ⚠️ Needs Fix
4 PATCH method enabled MEDIUM ⚠️ Needs Fix
5 Missing DKIM/DMARC LOW Recommended

Positive Security Controls

  • βœ… Sensitive files blocked (403)
  • βœ… SPF email authentication
  • βœ… No exposed API keys
  • βœ… No insecure deserialization
  • βœ… No exposed cloud buckets
  • βœ… Secure cookies

🎯 Remediation Priority

  1. [CRITICAL] Disable PUT method on web server
  2. [CRITICAL] Disable DELETE method on web server
  3. [HIGH] Disable CONNECT method (prevents proxy abuse)
  4. [MEDIUM] Disable PATCH method
  5. [LOW] Configure DKIM and DMARC for email security

πŸ“‹ Technical Details

Server Response Headers

  • Blocks access to sensitive paths
  • Returns 403 for common sensitive files
  • Has WordPress installation (wp-login endpoint)

Risk Calculation

  • HTTP Methods: +100 (critical methods enabled)
  • Email: +15 (missing DKIM/DMARC)
  • Endpoints: +10 (wp-login exposed)
  • Mitigated: -50 (sensitive files blocked, no exposed secrets)
  • Final Score: 75/100

⚠️ Disclaimer

This scan was performed for educational and research purposes only. The findings should be reported through proper responsible disclosure channels.

Generated by Bounty Hunt CLI v4.0
https://github.com/ArielFuggini/bounty-hunter

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment