3. Idea
● You manage several Web servers/applications
● Need to find potential problems and security vulnerabilities, including:
- Server and software misconfigurations
- Default files and programs
- Insecure files and programs
- Outdated servers and programs
4. What is “Nikto”?
● Web server scanner,
● Created by: David Lodge and Chris Sullo,
● Version 1.00 Beta released on: December 27, 2001,
● Current version: 2.1.5,
● Written in: Perl,
● The name is taken from the movie: The Day The Earth Stood Still,
● Sponsored by: Sunera LLC,
● Official page: http://www.cirt.net/nikto2.
5. Technical details
● Open source, with support for SSL connections,
● Performs tests against web servers for multiple items:
- Looks for over 6500 potentially dangerous files/CGIs,
- Checks for outdated versions of over 1250 servers,
- Looks for version specific problems on over 270 servers,
- Attempts to identify installed web servers and software,
- Checks for the presence of multiple index files and HTTP server options,
● Output can be saved in a variety of formats: text, XML, HTML.
6. Structure
● Tests against vulnerabilities: databases folder,
● Performed with code from: plugins directory,
● Main file: nikto.pl,
● Replay file: replay.pl (replays a saved request).
7. Installation
● Runs on Windows, Mac, Linux: any system with support for a basic Perl installation allows Nikto to run.
● Requirements for Windows usage:
- ActiveState Perl: typical setting,
- Nikto: download and extract the archive content.
9. Simple Scan
perl nikto.pl -h 127.0.0.1 -p 80
Open Sourced Vulnerability Database
Testing will reveal scripts, files and directories that may leak information or have security problems.
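Added example, not part of the slides: a small Python triage script for the XML that a scan like the one above produces when saved with Nikto's -Format xml and -o options. The embedded document is a constructed sample in the shape of Nikto 2.1.x XML output (element and attribute names assumed from that format, host and findings made up); the script groups findings per host and port and separates those carrying an OSVDB reference from informational notes, so results can be tracked across the servers you manage.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of Nikto 2.1.x "-Format xml" output (element
# and attribute names assumed from that format; host, banner, findings made up).
SAMPLE_XML = """<?xml version="1.0" ?>
<niktoscan options="-h 127.0.0.1 -p 80 -Format xml" version="2.1.5">
<scandetails targetip="127.0.0.1" targethostname="127.0.0.1" targetport="80"
  targetbanner="Apache/2.2.22 (Ubuntu)" sitename="http://127.0.0.1:80/">
<item id="999990" osvdbid="0" osvdblink="http://osvdb.org/0" method="GET">
<description><![CDATA[The anti-clickjacking X-Frame-Options header is not present.]]></description>
<uri><![CDATA[/]]></uri>
</item>
<item id="000398" osvdbid="3268" osvdblink="http://osvdb.org/3268" method="GET">
<description><![CDATA[/icons/: Directory indexing found.]]></description>
<uri><![CDATA[/icons/]]></uri>
</item>
<statistics elapsed="12" itemsfound="2" itemstested="6500" />
</scandetails>
</niktoscan>
"""


def parse_nikto_xml(xml_text):
    """Return {'host:port': {'banner': str, 'items': [finding dicts]}}."""
    scans = {}
    # iter() so the result does not depend on how <scandetails> is nested
    for scan in ET.fromstring(xml_text).iter("scandetails"):
        target = f"{scan.get('targethostname')}:{scan.get('targetport')}"
        items = [{
            "id": item.get("id"),
            "osvdb": item.get("osvdbid", "0"),
            "method": item.get("method"),
            "uri": (item.findtext("uri") or "").strip(),
            "description": (item.findtext("description") or "").strip(),
        } for item in scan.findall("item")]
        scans[target] = {"banner": scan.get("targetbanner", ""), "items": items}
    return scans


def triage(scans):
    """Per target, separate findings carrying an OSVDB reference (track as
    vulnerabilities) from informational notes (osvdbid 0, e.g. missing headers)."""
    report = {}
    for target, scan in scans.items():
        report[target] = {
            "banner": scan["banner"],
            "referenced": [i for i in scan["items"] if i["osvdb"] != "0"],
            "informational": [i for i in scan["items"] if i["osvdb"] == "0"],
        }
    return report
```

The banner kept per target is what the outdated-server checks key on, so it is worth recording alongside the findings when comparing scans over time.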
11. Features
● SSL support,
● Template engine to easily customize reports,
● Support for LibWhisker’s anti-IDS methods,
● Easily updated via command line,
● Thorough documentation,
● Projects like Wikto, MackNikto and services like Edgeos.com and HackerTarget.com which are related to Nikto or incorporate/use Nikto databases,
● Scans multiple ports on a server, or multiple servers via input file (including nmap output),
● Logging to Metasploit,
● Full HTTP proxy support - so by using a tool (like Burp Suite) that can intercept the HTTP requests and show them in proper format, we can analyse the queries made by Nikto and discover vulnerabilities,
● It can be integrated in Nessus.
12. Advantages / Disadvantages
Advantages:
● Fast, versatile tool,
● Written in Perl, it can be run in any host operating system,
● Open source - it can be easily extended and customized,
● Diverse output formats - easy to integrate with other penetration testing tools.
Disadvantages:
● Runs at the command line, without any graphical user interface (GUI).