[Nikto-discuss] cPanel issues
sullo at cirt.net
Mon Jun 25 13:56:13 CDT 2012
Sorry for the delay.
You can put strings into a file called db_404_strings in the databases
directory, and it should discount those as positive results. You'd want to
put something in from the known-404 page. More info on the udb files is
With cpanel, if it's a unique string that we can use I can also add it to
the main database, as well as create a check to identify cpanel.
On Wed, Jun 20, 2012 at 7:03 PM, aaron bishop <abishop at linux.com> wrote:
> Hello All. I've been using nikto for a few months now and I absolutely
> love it. I have come across an issue when I scan a site that has cpanel
> installed. When I scan port 2095, which is a cpanel webmail login page, it
> gets dozens of false positives reported because everything on 2095 gets
> redirected to the login page and the URI sent is included in the body, or
> in the case of plugin 000294 which looks for
> www.example.com/sips/sipssys/users/a/admin/user and fails if Password is
> returned it fails because it's a login page and it has Password as one of
> the fields for the login. Is there a good way to handle this without
> modifying db_tests to require 200 ok for everything which I don't think is
> the best solution.
http://cirt.net | http://richsec.com/
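
Added example, not part of the original messages and not Nikto's own code or its db_404_strings file format: a small Python model of the false positive described in the thread and of how a known-404 string discounts it. Check 000294 and its URI come from the thread; the page bodies, the `demo-echo` check and the marker string are constructed for illustration.

```python
# Illustration only: not Nikto's code, and not the db_404_strings file format.

def login_page(uri):
    """Constructed catch-all: every URI returns 200 and the login form, with the URI echoed."""
    return 200, ("<html><title>Webmail Login</title><body>"
                 f"<form action='/login/?goto={uri}'>"
                 "Email <input name='user'> Password <input name='pass'>"
                 "</form></body></html>")

def exposed_host(uri):
    """Constructed host where the user file from check 000294 really is served."""
    if uri == "/sips/sipssys/users/a/admin/user":
        return 200, "Username=admin\nPassword=example\n"
    return 404, "Not Found"

# (check id, URI requested, body string that counts as a hit). 000294 and its
# URI are from the thread; demo-echo is hypothetical.
CHECKS = [
    ("000294", "/sips/sipssys/users/a/admin/user", "Password"),
    ("demo-echo", "/backup.tar.gz", "backup.tar.gz"),
]

# A string unique to the known-404 (login) page, constructed for this sample.
KNOWN_404_STRINGS = ["<title>Webmail Login</title>"]

def scan(fetch, checks, known_404_strings):
    """Return ids of checks whose match string appears in a body that is not a known 404."""
    findings = []
    for check_id, uri, match in checks:
        _status, body = fetch(uri)
        if match not in body:
            continue
        if any(s in body for s in known_404_strings):
            continue  # body is the site's "not found" page; discount the hit
        findings.append(check_id)
    return findings

if __name__ == "__main__":
    print("login page, no 404 strings:  ", scan(login_page, CHECKS, []))
    print("login page, with 404 strings:", scan(login_page, CHECKS, KNOWN_404_STRINGS))
    print("exposed host, with strings:  ", scan(exposed_host, CHECKS, KNOWN_404_STRINGS))
```

The marker has to be unique to the login page: a string that also appears on real content would suppress genuine findings on the same host.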