written 2.4 years ago by |
Solution
Nikto
Nikto is a Web server scanner that tests web servers for dangerous files, outdated server software and other problems. Also known as a web server assessment tool.
It preforms generic and server type specific checks.
It is designed to find various default and insecure files, configurations and programs on any type of web server.
Nikto is used for assessing the security of a web application’s deployment.
It focuses on identifying vulns in commercial and open source web application frameworks.
It won’t be as helpful for assessing the security of a custom web application.
For example, it may tell you that a site uses an outdated (and insecure) version of WordPress, but it won’t be able to tell you if the blogging application you wrote from scratch is secure or not.
Examine a web server to find potential problems and security vulnerabilities, including:
Server and software misconfigurations
Default files and programs
Insecure files and programs
Features of Nikto
SSL Support(Unix with OpenSSL or maybe Windows with ActiveState's Perl/NetSSL)
Full HTTP proxy support
Checks for outdated server components
Save reports in plain text, XML, HTML, NBE or CSV
Template engine to easily customize reports
Scan multiple ports on a server, or multiple servers via input file (including nmap output)
Easily updated via command line
Identifies installed software via headers, favicons and files
Host authentication with Basic and NTLM
Subdomain guessing
Scan tuning to include or exclude entire classes of vulnerability checks
Guess credentials for authorization (including many default id/pw combos)
Implemenatation of Nikto
Nikto is written in Perl, so it will run on any platform that Perl runs on. Like Windows and any of the Unix-based operating systems.
You shouldn’t need to install any Perl libraries that aren’t already present in a default installation.
Scanning:
Nikto is uncomplicated, but not unsophisticated.
We can use the -host option to start scanning a single target for the presence of default files, pages that might expose sensitive information, or pages with known vulnerabilities.