[Nikto-discuss] False positives ?

Ryan Dewhurst ryandewhurst at gmail.com
Mon May 11 16:10:12 UTC 2009


Could you not just find a unique word/sentence on the custom 404 page that
you're having trouble with and then add it to db_404_strings?

2009/5/11 David Lodge <dave at cirt.net>

> Nick, I sent you an email about this this morning.
>
> On Mon, 11 May 2009 14:51:30 +0100, Thomas Raef <traef at ebasedsecurity.com>
> wrote:
> > I've noticed these false positives as well.
> > If you have a default 404 page, you'll see these false positives as the
> > URL issued with the GET command does return a page - your default 404
> > page so it assumes that since it issued a command and received a result
> > the command must have worked.
> > That's been my findings anyway. Anyone have more information?
>
> In my experience it tends to happen when the web server returns a 200 and
> then returns a reader friendly page to say "file not found". Nikto does
> perform some checks to attempt to work out non-404 404 pages, but it can't
> always get them.
>
> If you can send me any examples of pages (either the output from a
> nikto.pl -D d or the page itself) then I can use this to improve the
> matching algorithms.
>
> Thanks
>
> dave
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
>
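
An added example, not part of the thread and not Nikto's own code or matching algorithm: it shows the two checks discussed above for servers that answer 200 with a friendly "file not found" page, a unique marker string and a comparison against the page served for a path that cannot exist. The marker list, function names and sample responses are all constructed for illustration.

```python
import difflib
import re

# Constructed marker strings, standing in for the unique sentences the reply
# suggests collecting from a site's custom "not found" page.
MARKERS = ["we couldn't find that page", "file not found"]

def normalise(body, path):
    """Drop the echoed request path and collapse whitespace before comparing."""
    return re.sub(r"\s+", " ", body.replace(path, "")).strip().lower()

def is_not_found(status, body, path, baseline, markers=MARKERS, threshold=0.9):
    """Return (verdict, reason); baseline is the normalised body served for a
    probe path that cannot exist on the server."""
    if status == 404:
        return True, "status"
    text = normalise(body, path)
    if any(m in text for m in markers):
        return True, "marker"
    if difflib.SequenceMatcher(None, text, baseline).ratio() >= threshold:
        return True, "baseline"
    return False, "content"

def triage(probe, responses):
    """Classify each scanner hit against the probe response."""
    baseline = normalise(probe["body"], probe["path"])
    return {r["path"]: is_not_found(r["status"], r["body"], r["path"], baseline)
            for r in responses}

# Constructed responses: the server answers 200 with a friendly error page.
TEMPLATE = ("<html><title>Oops</title><body>Sorry, {p} is not here. "
            "Try the <a href='/'>home page</a>.</body></html>")
PROBE = {"path": "/zq81kx-no-such-file.html", "status": 200,
         "body": TEMPLATE.format(p="/zq81kx-no-such-file.html")}
HITS = [
    {"path": "/admin/config.php", "status": 200,
     "body": TEMPLATE.format(p="/admin/config.php")},
    {"path": "/old/", "status": 200,
     "body": "<html><body><h1>We couldn't find that page</h1></body></html>"},
    {"path": "/login.php", "status": 200,
     "body": "<html><body><h1>Sign in</h1><form method='post'>"
             "<input name='user'><input name='pass' type='password'></form></body></html>"},
    {"path": "/missing.txt", "status": 404, "body": "Not Found"},
]

if __name__ == "__main__":
    for path, (verdict, reason) in triage(PROBE, HITS).items():
        print(f"{path:20} {'not found' if verdict else 'real hit':10} ({reason})")
```

The baseline check catches the templated page even though none of the marker strings appear in it, which is the case where a marker list alone would still report a false positive.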