[Nikto-discuss] Nikto 2.1.5 bug
Sullo
csullo at gmail.com
Sun Dec 9 22:02:50 CST 2012
I don't see anything in the http book suggesting that this is an invalid
request. In testing, I see expected responses from requests which have the
host in both the host header and the URL.
Am I missing something? If you're seeing responses from the server
indicating an invalid request, have you tried more than one server and
confirmed nothing in the burp proxy is changing the request?
Thanks
Sullo
On Sun, Dec 9, 2012 at 6:30 AM, Balázs Zoltán <zoltan1.balazs at gmail.com>wrote:
> Hi all,
>
> I have found a bug in nikto while scanning SSL sites. For the test I
> set up a burp proxy locally so I can see all the traffic.
> The bug is in the GET resource, where the vhost is included in the
> request, so every request to an SSL site is a bad request.
>
> Nikto command:
> perl nikto.pl -config nikto.conf -host cirt.net -vhost cirt.net --useproxy
>
> Request generated (valid request):
> GET / HTTP/1.1
> Connection: Keep-Alive
> User-Agent: Mozilla/5.00
> Host: cirt.net
>
>
> #####################################################################################
>
> Nikto command:
> perl nikto.pl -config nikto.conf -host cirt.net -port 443 -ssl -vhost
> cirt.net --useproxy
>
> Invalid request generated:
> GET https://cirt.net:443/ HTTP/1.1
> Connection: Keep-Alive
> User-Agent: Mozilla/5.00
> Host: cirt.net:443
>
> Regards
> Zoltan
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
>
--
http://www.cirt.net | http://richsec.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://attrition.org/pipermail/nikto-discuss/attachments/20121209/33754c0f/attachment.html>
More information about the Nikto-discuss
mailing list