[Nikto-discuss] False positives ?
titansteamadmin at gmail.com
Tue May 12 15:05:45 UTC 2009
Hi Dave and Al,
Dave, I had not made the link between your morning's email and that cause in
my previous message to you, the directories where indeed present on the
server (that was the Nikto message I did not understand)
The difference is that here, none of the directory (or files) metionned in
my message are present on the server..
Thus I thought this was a different "issue" but seems to be the same, right
2009/5/11 David Lodge <dave at cirt.net>
> Nick, I sent you an email about this this morning.
> On Mon, 11 May 2009 14:51:30 +0100, Thomas Raef <traef at ebasedsecurity.com>
> > I've noticed these false positives as well.
> > If you have a default 404 page, you'll see these false positives as the
> > URL issued with the GET command does return a page - your default 404
> > page so it assumes that since it issued a command and received a result
> > the command must have worked.
> > That's been my findings anyway. Anyone have more information?
> In my experience it tends to happen when the web server returns a 200 and
> then returns a reader friendly page to say "file not found". Nikto does
> perform some checks to attempt to work out non-404 404 pages, but it can't
> always get them.
> If you can send me any examples of pages (either the output from a
> nikto.pl -D d or the page itself) then I can use this to improve the
> matching algorithms.
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Nikto-discuss