From dave at cirt.net Tue Nov 4 18:40:34 2008
From: dave at cirt.net (David Lodge)
Date: Tue, 04 Nov 2008 18:40:34 -0000
Subject: [Nikto-discuss] Proxy doesn't work
In-Reply-To:
References: <48A091EB.6000608@cirt.net> <48A098F5.7030806@cirt.net>
Message-ID:

On Mon, 11 Aug 2008 21:14:28 +0100, Ryan Dewhurst wrote:
> I got the proxy working by using the -useproxy argument and a working
> proxy. I've raised the lack of reporting as a bug #65.

I realise that this is a really old discussion, but I've had the
opportunity to use nikto through a proxy recently and have realised that
it is a bit clunky to do, as you need to:

* edit nikto.txt
* remember to use -useproxy
* lack of supporting information

As part of the release for nikto 2.10 (expected start of next year) one of
my goals is to rework the configuration file/switches interpretation as
it's a wee bit manky at the moment; I'm aiming to work this along the
normal Unix style:

* Take initial settings from /etc/nikto.conf (or whatever filename)
* Take more settings from ~/.niktorc (or whatever filename)
* Take settings from the commandline

Each step over-rides the above step (so, specifying, say --noproxy on the
CLI will over-ride an earlier --useproxy).

If anybody's got any feedback on how stuff is given to nikto; please put
on the list or contact me directly...

Thanks

dave

From dave at cirt.net Tue Nov 4 18:43:29 2008
From: dave at cirt.net (David Lodge)
Date: Tue, 04 Nov 2008 18:43:29 -0000
Subject: [Nikto-discuss] More authentication...
In-Reply-To:
References:
Message-ID:

On Wed, 08 Oct 2008 09:09:23 +0100, Frank Breedijk wrote:
> + Default account found for 'x.x.216.10' at /exchange/lib/AMPROPS.INC
> (ID 'administrator', PW 'administrator'). Generic account discovered.
> + ERROR: Unable to authenticate to "x.x.216.10"
>
> First statement looks like a false positive to me.

Frank,

Some of the nikto 2.03 authentication code is a bit clunky; there's been a
large overhaul with the current version on Assembla
(http://www.assembla.com/spaces/Nikto_2/trac_subversion_tool) which should
fix a lot of general authentication problems (and supports NTLM).

If there's a chance you could get hold of this and try it again, if
there's still a problem, could you raise a bug on Assembla?

Thanks

dave

From dave at cirt.net Tue Nov 4 18:46:49 2008
From: dave at cirt.net (David Lodge)
Date: Tue, 04 Nov 2008 18:46:49 -0000
Subject: [Nikto-discuss] Nikto Test ID Ouput
In-Reply-To: <07F358FB29BD5B4489A440C65183C25F2D3F82@OMU-EXCH02.solutionary.com>
References: <07F358FB29BD5B4489A440C65183C25F2D3F82@OMU-EXCH02.solutionary.com>
Message-ID:

On Wed, 15 Oct 2008 17:31:15 +0100, Court Little wrote:
> Does anyone know of a way to get the Nikto Test ID field from the Scan
> Database Field Value to output in a report, preferably in the output when
> called by Nessus?

No, not easily and there is a bug about this already:
http://trac2.assembla.com/Nikto_2/ticket/58

As it states in the comments field:

----------------cut here--------------
It's a good idea; and I like what you're doing here (as it aids the
repeatability of a test and shows differences 'twixt two tests).

Unfortunately, as it's currently written it won't work, either on 2.03, or
on the trunk version, as several items aren't written to the TESTS hash
unless they're successfully tested.

What's worse is that, in trying to make nikto thread safe, I'm cutting out
a lot of global variables and the TESTS variable is one of those destined
for the chop (globals being the bane of threading).

I'm going to leave this call open, and when I rework the plugin
architecture I'll ensure that a method to accurately record all tests to
be performed in the plugin is part of it.
----------------cut here--------------

So it is an aim for the future versions of nikto (I'm a big fan of
repeatability in pen testing); though I can't guarantee that it'll be in
for nikto 2.10

Thanks

dave

From andres.riancho at gmail.com Wed Nov 5 15:26:16 2008
From: andres.riancho at gmail.com (Andres Riancho)
Date: Wed, 5 Nov 2008 13:26:16 -0200
Subject: [Nikto-discuss] Bug report - Possible invalid database entries
Message-ID:

List,

Are these scan_database lines ok?

"generic","@CGIDIRScart.pl?db='","c:\",","GET","Dansie Shopping Cart reveals the full path to the CGI directory."
"generic","@CGIDIRScart.pl?db='","d:\",","GET","Dansie Shopping Cart reveals the full path to the CGI directory."
"generic","/hostadmin/?page='","C:\",","GET","Host Admin reveals install location and other sensitive information."
"generic","/hostadmin/?page='","D:\",","GET","Host Admin reveals install location and other sensitive information."

Please note the "d:\",","GET" section.

Cheers,
--
Andres Riancho
http://w3af.sourceforge.net/
Web Application Attack and Audit Framework