[Nikto-discuss] -404 option

Sullo csullo at gmail.com
Wed Feb 13 14:41:07 UTC 2008


That was a version 1.x flag. What you can do in 2.x is create a user-defined
"udb_404_strings" file in the plugins directory. If the 404 check fails to
find a 404 based on headers, it will fall back on content and use these
strings to identify 404 pages (and if that fails, hashing--which is tough to
get right--and probably what your scan is doing now).

Just enter any strings you need, one per line. This file won't be
over-written when updates are done.

This link explains the user databases (although for 404 strings you don't
need a unique identifier).
http://cirt.net/nikto2-docs/ch07s02.html

-Sullo


On Feb 13, 2008 9:28 AM, J Amuse <jamuse at gmail.com> wrote:

> Wasn't there a -404 option to specify a string for custom file not found
> error messages once upon a time? I'm using nikto-2.0.2. How do I define
> custom file not found error messages to reduce the FPs?
>
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
>
>


-- 

http://www.cirt.net     |      http://www.osvdb.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/nikto-discuss/attachments/20080213/ba00f31a/attachment.html 


More information about the Nikto-discuss mailing list