Thursday, October 31, 2013

Nikto : Open Source Web Server Scanner for Ubuntu / Debian Linux

Nikto is an Open Source (GPL) web server scanner which scans your webserver against more than 6500 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It has a very good plugin support

What Nikto can do.

    SSL Support (Unix with OpenSSL or maybe Windows with ActiveState's
    Full HTTP proxy support
    Checks for outdated server components
    Save reports in plain text, XML, HTML, NBE or CSV
    Template engine to easily customize reports
    Scan multiple ports on a server, or multiple servers via input file (including nmap output)
    LibWhisker's IDS encoding techniques
    Easily updated via command line
    Identifies installed software via headers, favicons and files
    Host authentication with Basic and NTLM
    Subdomain guessing
    Apache and cgiwrap username enumeration
    Mutation techniques to "fish" for content on web servers
    Scan tuning to include or exclude entire classes of vulnerability
    Guess credentials for authorization realms (including many default id/pw combos)
    Authorization guessing handles any directory, not just the root
    Enhanced false positive reduction via multiple methods: headers,
    page content, and content hashing
    Reports "unusual" headers seen
    Interactive status, pause and changes to verbosity settings
    Save full request/response for positive tests
    Replay saved positive requests
    Maximum execution time per target
    Auto-pause at a specified time
    Checks for common "parking" sites
    Logging to Metasploit
    Thorough documentation

Official site
To install in ubuntu / debian
$ sudo apt-get install nikto

Full installation of nikto will offer lot of options
$ nikto will give the list of options

For simple test

$ sudo nikto -h

output will we like this
abc@abc-desktop:~$ sudo nikto -h
- Nikto v2.1.4
+ Target IP:
+ Target Hostname:
+ Target Port:        80
+ Start Time:         2013-10-32 08:29:09
+ Server: Apache/2.2.22 (Debian)
+ Retrieved x-powered-by header: PHP/5.4.4-14+deb7u5

+ Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
+ OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ OSVDB-0: ETag header found on server, inode: 3965147, size: 2857, mtime: 0x433a88acc26c0
+ PHP/5.2.6-1+lenny3 appears to be outdated (current is at least 5.2.6RC4)
+ mod_perl/2.0.4 appears to be outdated (current is at least 5.8)

No comments: