https://cirt.net/nikto2

Fire Up Kali & Open Nikto

Let's fire up Kali and get started with nikto. Once we have Kali up and running, go to Kali Linux -> Vulnerability Analysis -> Misc Scanners -> nikto, like in the screenshot below.

Image via wonderhowto.com

Although there are many options in using nikto, we will limit ourselves here to the basic syntax, such as this:

  • nikto -h <IP or hostname>

Step 2Scan the Web Server

Let's start with a safe web server on our own network. In this case, I have started the http service on another machine on my network. There is not a website hosted by this machine, just the web server. Let's scan it for vulnerabilities by typing:

  • nikto -h 192.168.1.104

Nikto responds with a lot of information, as you can see below.

First, it tells us the server is Apache 2.2.14, probably on Ubuntu. It nailed this info and gives up more information on other potential vulnerabilities on this web server.

Note near the bottom that it identifies some vulnerabilities with the OSVDB prefix. This is the Open Source Vulnerability Database. This is a database maintained of known vulnerabilities at www.osvdb.org, in addition to other databases I covered, such as SecurityFocus and Microsoft's Technet.

Step 3Scan the Site

Let's try another site. In an earlier tutorial, we had hacked a web server named webscantest.com. Let's see what nikto can tell us about this site.

  • nikto -h webscantest.com

Once again, it identifies the server (Apache) and then proceeds to identify numerous potential vulnerabilities pre-fixed with OSVDB. We can take a look at that website at www.osvdb.org to learn more about these vulnerabilities.

Now, let's use this site to find information on one of the vulnerabilities identified by nikto as OSVDB-877. We can put that reference number into the search function and it retrieves the following page.

Note, in lower half of this page there are cross-references to the various information sources about this vulnerability, as well as references to tools and filters such as Nikto, Nessus, and Snort.

Scan WonderHowTo

Let's scan a few more sites and see what it can tell us about these sites. Let's see what we can find out about our own website, www.wonderhowto.com.

  • nikto -h wonderhowto.com

As you can see, it tells us that WonderHowTo is using Microsoft's IIS 8.5 as a web server and then lists numerous potential vulnerabilities.

However, any attempt to exploit the vulnerabilities listed will reveal that they're all false-positives, as WonderHowTo simply returns a harmless 404 page. This is because WonderHowTo is not built on php or asp as the noted exploits expect.

False positives like this can appear because the scan does not actually execute each of the possible vulnerabilities, but rather scans to see if the server responds without error to known exploitable URLs.

Scan Facebook

Finally, lets point nikto at www.facebook.com.

  • nikto -h facebook.com

As you can see, Facebook is tightly secured with few vulnerabilities. As you can imagine, if Facebook weren't secure, every script-kiddie on the planet would be hacking it to see who his true love is chatting with online.

Nikto的更多相关文章

  1. 用Nikto探测一个网站所用到的技术

    Nikto是一款开源的(GPL)网页服务器扫描器,它可以对网页服务器进行全面的多种扫描,包含超过3300种有潜在危险的文件/CGIs:超过 625种服务器版本:超过230种特定服务器问题,包括多种有潜 ...

  2. Nikto是一款Web安全扫描工具,可以扫描指定主机的web类型,主机名,特定目录,cookie,特定CGI漏洞,XSS漏洞,SQL注入漏洞等,非常强大滴说。。。

    Nikto是一款Web安全扫描工具,可以扫描指定主机的web类型,主机名,特定目录,cookie,特定CGI漏洞,XSS漏洞,SQL注入漏洞等,非常强大滴说... root@xi4ojin:~# cd ...

  3. 小白日记28:kali渗透测试之Web渗透-扫描工具-Nikto

    扫描工具-Nikto #WEB渗透 靶机:metasploitable 靶场:DVWA[默认账号/密码:admin/password] #新手先将DVWA的安全性,调到最低,可容易发现漏洞 侦察[减少 ...

  4. New ipad安装Perl支持安装nikto

    Title:New ipad安装Perl支持安装nikto --2012-11-15 09:47 New Ipad 越了后. ssh new ipad 进入目录 cd /tmp 下载Key文件 wge ...

  5. Nikto and whatweb

    root@kali:~# nikto -host www.baidu.com- Nikto v2.1.6------------------------------------------------ ...

  6. Nikto主动扫描神器!!!

    Perl语言开发的开源web安全扫描器 Nikto只支持主动扫描:可扫描web服务器类型是不是最新版本(分析先版本与新版相比有哪些漏洞) 针对:1.软件版本.2.搜索存在安全隐患的文件.3.服务器配置 ...

  7. Nikto学习点

    一.使用Nikto扫描https站点 nikto.pl -output myhost.html -g -ssl -Format HTM -host www.test.com -port 443 二.使 ...

  8. Kali学习笔记24:Nikto、Skipfish

    文章的格式也许不是很好看,也没有什么合理的顺序 完全是想到什么写一些什么,但各个方面都涵盖到了 能耐下心看的朋友欢迎一起学习,大牛和杠精们请绕道 实验环境: Kali机器IP:192.168.163. ...

  9. web扫描工具-Nikto介绍与使用

    Nikto Perl语言开发的开源Web安全扫描器 web扫描模式:截断代理主动扫描 可以扫描的方面:软件版本搜索存在安全隐患的文件服务器配置漏洞WEB Application层面的安全隐患避免404 ...

随机推荐

  1. shell基础:位置参数变量

    位置参数名称,作用不变.变得是传入参数. 抽象问题,大多为年长资格老师少数年轻老师,故而问的技术细节少,抽象理论知识多,比如什么是软件工程,问什么会有软件工程.有事注重的是品质,有的注重出身. 每种都 ...

  2. Hibernate框架第一天

    **框架和CRM项目的整体介绍** 1. 什么是CRM * CRM(Customer Relationship Management)客户关系管理,是利用相应的信息技术以及互联网技术来协调企业与顾客间 ...

  3. sqli-labs(八)——修改密码处sql注入+http头sql注入

    第17关: 这是一个重置密码的功能存在sqk注入,尝试账号密码都输入'",发现只会显示登陆失败,没有报错信息. 这个时候先推测一下后台的sql形式大概应该是: update users se ...

  4. react-demo

    实现博客动态的评论.动态的点赞.评论的删除. 百度云链接:https://pan.baidu.com/s/199l3iu0qhM6qSe9CBnHFzw 提取码:n4w6

  5. MongoDB Driver:使用正确的姿势连接复制集

    from:https://yq.aliyun.com/articles/8461?spm=5176.7937264.222114.10.s2oqcT   摘要: MongoDB复制集(Replica ...

  6. Eclipse 在Debug调试中用到的快捷键

    作用域 功能 快捷键 全局 单步返回 F7 全局 单步跳过 F6 全局 单步跳入 F5 全局 单步跳入选择 Ctrl+F5 全局 调试上次启动 F11 全局 继续 F8 全局 使用过滤器单步执行 Sh ...

  7. uvalive 4848 Tour Belt

    题意: 一个KTO被定义为一个特殊的连通块,这个连通块满足一个要求,这个连通块中的最短的边大于 与这个连通相连的不属于这个连通块的边中的最大值. 给出一个图,统计KTO里面的点有多少个.(一个点可以属 ...

  8. ReactiveCocoa(I)

    ReactiveCocoa常见类 1. RAC中最核心的类RACSiganl: RACSiganl:信号类,一般表示将来有数据传递,只要有数据改变,信号内部接收到数据,就会马上发出数据 解析: 信号类 ...

  9. 财务自由VS精神自由

    财务自由 财务自由,在物质层面改善人的生活.它使人不愁生计.住更宽敞明亮的房间,穿锦衣绸缎,自由自在地游玩,做自己想做的事儿.可是,这就是它的能力所及了.钱无法改变人的品味.审美和人格.它也无法告诉人 ...

  10. python 正则re.search

    re.search 扫描整个字符串并返回第一个成功的匹配. 上码: import re line = "Cats are smarter than dogs"; searchObj ...