[Nikto-discuss] cPanel issues

Sullo sullo at cirt.net
Mon Jun 25 13:56:13 CDT 2012

Sorry for the delay.

You can put strings into a file called db_404_strings in the databases
directory, and it should discount those as positive results. You'd want to
put something in from the known-404 page. More info on the udb files is
here: http://cirt.net/nikto2-docs/

With cpanel, if it's a unique string that we can use I can also add it to
the main database, as well as create a check to identify cpanel.


On Wed, Jun 20, 2012 at 7:03 PM, aaron bishop <abishop at linux.com> wrote:

> Hello All.  I've bene using nikto for a few months now and I absolutely
> love it.  I have come across an issue when I scan a site that has cpanel
> installed.  When I scan port 2095, which is a cpanel webmail login page, it
> gets dozens of false positives reported because everything on 2095 gets
> redirected to the login page and the URI sent is included in the body, or
> in the case of plugin 000294 which looks for
> www.example.com/sips/sipssys/users/a/admin/user and falis if Password is
> returned it fails because it's a login page and it has Password as one of
> the fields for the login.  Is there a good way to handle this without
> modifying db_tests to require 200 ok for everything which I don't think is
> the best solution.
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss


http://cirt.net     |      http://richsec.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://attrition.org/pipermail/nikto-discuss/attachments/20120625/161d4000/attachment.html>

More information about the Nikto-discuss mailing list