[Nikto-discuss] Unwanted authentication brute-force
csullo at gmail.com
Wed Dec 8 12:11:43 CST 2010
There was actually a bug in the auth guessing stuff that may have caused the
high number of attempts--I just fixed it a few nights ago in the trunk
version. It should be ~300 per directory (or per realm in the trunk
You can disable plugins using -Plugins, such as:
That should run all the default ones except the auth testing.
See this page for more info: https://cirt.net/nikto2-docs/options.html
On Wed, Dec 8, 2010 at 4:50 AM, Chris Thomas <chris at mediumcool.net> wrote:
> I'm using Nikto 2.1.3 on Windows XP.
> When Nikto attempts to GET the page /bandwidth/index.cgi on the server I'm
> testing it recieves the response '401 Requires Authorization'. Nikto then
> appears to enter a loop repeatledly GETing /bandwidth/index.cgi which
> quickly trips my client's IDS and gets me blacklisted.
> I've done some test on my own web server using Nikto debugging and it
> appears Nikto is trying to brute-force authentication, making around 700
> request for /bandwidth/index.cgi with various credentials before it moves on
> to the next test.
> The command I'm running is:
> nikto.pl -h 172.16.20.17 -T 1 -D D > debug.txt
> I could get myself whitelisted, but I really don't want to be trying to
> brute-force authentication.
> I see there are various options for controlling plugins and tests but I've
> had a look at the code, db_tests etc., but it's hard to get a handle on
> what's actually being run.
> Any suggestions?
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
http://www.cirt.net | http://www.osvdb.org/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Nikto-discuss