[Nikto-discuss] -404 option
csullo at gmail.com
Wed Feb 13 14:41:07 UTC 2008
That was a version 1.x flag. What you can do in 2.x is create a user-defined
"udb_404_strings" file in the plugins directory. If the 404 check fails to
find a 404 based on headers, it will fall back on content and use these
strings to identify 404 pages (and if that fails, hashing--which is tough to
get right--and probably what your scan is doing now).
Just enter any strings you need, one per line. This file won't be
over-written when updates are done.
This link explains the user databases (although for 404 strings you don't
need a unique identifier).
On Feb 13, 2008 9:28 AM, J Amuse <jamuse at gmail.com> wrote:
> Wasn't there a -404 option to specify a string for custom file not found
> error messages once upon a time? I'm using nikto-2.0.2. How do I define
> custom file not found error messages to reduce the FPs?
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
http://www.cirt.net | http://www.osvdb.org/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Nikto-discuss