A look into the "state" of the .gov.uk namespace
Latest commit 7831cdf Mar 26, 2019

Update, March 23rd.

This got picked up by New Scientist. The link to the article is here.

https://www.newscientist.com/article/2197453-thousands-of-security-flaws-found-on-uk-government-websites/

Helped by a fellow Redditor, here is the data we generated.

https://github.com/nannal/GovUK-CVE

Here is a Reddit post about it.

https://www.reddit.com/r/netsec/comments/b4g35c/a_post_i_made_about_govuk_domains_here_got_picked/

MappingGovUKDomains

A look into the "state" of the .gov.uk namespace

I have decided to look into the state of the .gov.uk namespace.

Before I go any further, I CANNOT STRESS THIS ENOUGH: ABSOLUTELY NO INTRUSION WAS UNDERTAKEN. EVERYTHING YOU SEE HERE HAS BEEN UNDERTAKEN WITHIN THE BOUNDS OF THE LAW, ALL USING PUBLICLY AVAILABLE INFORMATION.

Simple HTTP GET requests, for example.

Using the list available here.

https://www.gov.uk/government/publications/list-of-gov-uk-domain-names

A list of the unique HTTP Servers found...

  • AOLserver/4.5.1 - only 12 years out of date.
  • ATS/7.1.2
  • AkamaiGHost
  • AmazonS3
  • Apache
  • Apache-Coyote/1.1
  • Apache/2
  • Apache/2.2
  • Apache/2.2.15
  • Apache/2.2.15 (CentOS)
  • Apache/2.2.22 (Debian)
  • Apache/2.2.22 (Ubuntu)
  • Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
  • Apache/2.2.27 (Win64) mod_ssl/2.2.27 OpenSSL/1.0.1i mod_jk/1.2.41
  • Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  • Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.3.29
  • Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.2l
  • Apache/2.2.34 (Amazon)
  • Apache/2.4.10
  • Apache/2.4.10 (Debian)
  • Apache/2.4.18 (Ubuntu)
  • Apache/2.4.23 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 PHP/5.6.23
  • Apache/2.4.25 (Debian)
  • Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  • Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips
  • Apache/2.4.27 (Amazon) PHP/5.5.38
  • Apache/2.4.27 (Win64) OpenSSL/1.1.0f PHP/7.1.9
  • Apache/2.4.29 (Ubuntu)
  • Apache/2.4.29 (cPanel) OpenSSL/1.0.2n mod_bwlimited/1.4
  • Apache/2.4.33 (Amazon) mod_wsgi/3.5 Python/2.7.14
  • Apache/2.4.33 (FreeBSD) PHP/7.0.29 OpenSSL/1.0.1s-freebsd
  • Apache/2.4.33 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
  • Apache/2.4.33 (Win32) OpenSSL/1.0.2n PHP/5.6.34
  • Apache/2.4.33 (cPanel) OpenSSL/1.0.2o mod_bwlimited/1.4
  • Apache/2.4.34 (Ubuntu)
  • Apache/2.4.34 (Win32) mod_jk/1.2.43
  • Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.39
  • Apache/2.4.37 (Amazon) PHP/7.0.32
  • Apache/2.4.37 (Unix)
  • Apache/2.4.37 (codeit) mpm-itk/2.4.7-04 OpenSSL/1.1.1 PHP/5.6.38
  • Apache/2.4.38
  • Apache/2.4.38 (Ubuntu)
  • Apache/2.4.38 (Unix)
  • Apache/2.4.38 (cPanel) OpenSSL/1.0.2q mod_bwlimited/1.4
  • Apache/2.4.6
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.32
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.3
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 mod_python/3.5.0- Python/2.7.5
  • Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.1.27
  • Apache/2.4.7
  • Apache/2.4.7 (Ubuntu)
  • Big Blue Door - www.bigbluedoor.net
  • Bury Council
  • Easter Bunny Nice
  • GBC
  • Glasgow City Council Webserver
  • GlassFish Server Open Source Edition 4.1.1
  • HTTP_Server
  • Kestrel
  • Leenix
  • LiteSpeed
  • Lotus-Domino
  • Microsoft-HTTPAPI/2.0
  • Microsoft-IIS/10.0
  • Microsoft-IIS/7.0 - Please update!!
  • Microsoft-IIS/7.5
  • Microsoft-IIS/8.0
  • Microsoft-IIS/8.5
  • Oracle-Application-Server-10g OracleAS-Web-Cache-10g/10.1.2.3.0 (G;max-age=0+0;age=0;ecid=8865235808194,0)
  • PFIKS
  • Pagely Gateway/1.5.1
  • Pepyaka/1.13.10
  • Private Server
  • PublicWebSRV01 - We can guess your internal naming scheme
  • Sprog
  • Stratford-on-Avon District Council
  • Sucuri/Cloudproxy
  • The National Archives
  • Torbay Council
  • Unavailable
  • Web Server
  • Web Server 2
  • Web Server mod_fcgid/2.3.9 mod_perl/2.0.4 Perl/v5.10.1
  • cloudflare
  • gunicorn/19.5.0
  • nginx
  • nginx/1.10.3
  • nginx/1.10.3 (Ubuntu)
  • nginx/1.12.1
  • nginx/1.12.2
  • nginx/1.13.12
  • nginx/1.13.6
  • nginx/1.14.0 (Ubuntu)
  • nginx/1.14.1
  • nginx/1.14.2
  • nginx/1.15.8
  • nginx/1.2.1
  • nginx/1.4.6 (Ubuntu) - Changes with nginx 1.4.7: 18 Mar 2014 (http://nginx.org/en/CHANGES-1.4)
  • openresty
  • openresty/1.13.6.2
  • scc-web
  • uk_gov_shropshire
  • w3pcloud

Whilst some of these are actually OK (no footprints etc.), some of them are actually quite good. Those of you who use Cloudflare: kudos. I have guessed there is an HTTPS site at the available address; I might try HTTP later.
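
For site owners who want to check their own banner against the list above, here is an added example (not part of the original README or its data set) that parses a `Server` header value and reports what it gives away. The category names and the `SAMPLE` selection are assumptions made for illustration; the sample values are copied from the list above.

```python
import re
from collections import Counter

# One alternative per Server header element: "(comment)" or "product[/version]".
ELEMENT = re.compile(r"\(([^)]*)\)|([^\s/()]+)(?:/([^\s()]+))?")

def parse_server(value):
    """Split a Server header value into (product, version) pairs and comments."""
    products, comments = [], []
    for m in ELEMENT.finditer(value):
        if m.group(1) is not None:
            comments.append(m.group(1))
        else:
            products.append((m.group(2), m.group(3)))
    return products, comments

def disclosure(value):
    """Return which kinds of detail a banner exposes (empty set = none)."""
    products, comments = parse_server(value)
    has_version = [any(c.isdigit() for c in (v or "")) for _, v in products]
    leaks = set()
    if has_version and has_version[0]:
        leaks.add("server-version")      # e.g. Apache/2.4.6
    if any(has_version[1:]):
        leaks.add("component-version")   # e.g. OpenSSL/..., PHP/...
    if comments:
        leaks.add("comment")             # e.g. (CentOS), (Win64)
    return leaks

def audit(banners):
    """Count disclosure kinds across banners; 'none' = no version or comment."""
    counts = Counter()
    for banner in banners:
        counts.update(disclosure(banner) or {"none"})
    return counts

# Sample input: Server values copied from the list above.
SAMPLE = [
    "nginx",
    "cloudflare",
    "Glasgow City Council Webserver",
    "Microsoft-IIS/7.5",
    "Apache/2.4.29 (Ubuntu)",
    "Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16",
    "Web Server mod_fcgid/2.3.9 mod_perl/2.0.4 Perl/v5.10.1",
]

if __name__ == "__main__":
    for banner in SAMPLE:
        print(f"{banner!r}: {sorted(disclosure(banner)) or ['none']}")
    print(dict(audit(SAMPLE)))
```

On Apache httpd, `ServerTokens Prod` reduces the banner to the product name, and on nginx `server_tokens off` does the same.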

I will be conducting further research. I am open to ideas; however, I am going to map the most commonly used words across all domains (might be useful to someone out there, right?) and run some basic security checks.

I am open to any questions. Shameless plug: available for paid consultancy work.

Stay Tuned
