[Nikto-discuss] internal IP not pulled out

Robin Wood robin at digi.ninja
Wed Feb 24 04:44:37 CST 2016


That fixed it.

Thanks

Robin

On Wed, 24 Feb 2016 at 06:10 Sullo <csullo at gmail.com> wrote:

> Robin--
>
> Thanks for pointing this out--finally got a chance to take a look at
> it. I've committed some changes to report the correct header when it's
> in www-authenticate (which is why it was blank) and also only alert 1
> time for each of the 3 possible headers. So at max you could have 3
> reports if your target had all 3 issues, which seems unlikely.
>
> Please test if you can to see if this resolves it.
>
> -Sullo
>
>
> On Wed, Feb 17, 2016 at 4:13 AM, Robin Wood <robin at digi.ninja> wrote:
> > I've just run a scan and in the results got 18 copies of this issue
> > for one of the IPs:
> >
> > + OSVDB-630: GET Microsoft Exchange Systems (CAS and OWA) may reveal
> > their internal or real IP in the WWW-Authenticate header via a request
> > over HTTP/1.0. The value is "".
> >
> > Looking in the save file the internal IP is there:
> >
> > HTTP/1.1 401 Unauthorized
> > content-type: text/html
> > server: Microsoft-IIS/7.0
> > www-authenticate: Basic realm="10.2.0.18"
> > x-powered-by: ASP.NET
> > date: Tue, 16 Feb 2016 16:51:21 GMT
> > connection: keep-alive
> > content-length: 1293
> >
> > The repeated results are caused by it hitting 18 different directories
> > which I think is a good idea but I think it should de-duplicate the
> > results so there is only a single issue raised if they all match.
> >
> > Robin
> > _______________________________________________
> > Nikto is sponsored by Netsparker, a false positive free web application
> > security scanner and Netsparker Cloud online scanner.
> > Visit https://www.netsparker.com/ for more information.
> > _______________________________________________
> > Nikto-discuss mail list
> > Nikto-discuss at attrition.org
> > https://attrition.org/mailman/listinfo/nikto-discuss
>
>
>
> --
>
> http://www.cirt.net     |      http://rvasec.com/
>
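The check and the de-duplication discussed in the thread, as an added example in Python that is not Nikto's own code: it pulls private IPv4 addresses out of candidate response headers of a 401 like the one quoted and collapses hits from many directories into one finding per header. The header names other than WWW-Authenticate, and the per-directory paths, are assumptions.

```python
import ipaddress
import re
from typing import Dict, List, Set

# Headers to inspect. The thread names only WWW-Authenticate; the other two
# are assumed candidates, not taken from the list message or Nikto's code.
CANDIDATE_HEADERS = ("www-authenticate", "location", "content-location")
_IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def internal_ips_in_headers(raw_response: str) -> Dict[str, Set[str]]:
    """Map header name -> private IPv4 addresses found in that header."""
    found: Dict[str, Set[str]] = {}
    head = raw_response.split("\r\n\r\n", 1)[0]
    for line in head.splitlines()[1:]:  # skip the status line
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        name = name.strip().lower()
        if name not in CANDIDATE_HEADERS:
            continue
        for match in _IPV4.findall(value):
            try:
                ip = ipaddress.IPv4Address(match)
            except ValueError:  # octet above 255, not a real address
                continue
            if ip.is_private:  # RFC 1918 and other non-global ranges
                found.setdefault(name, set()).add(match)
    return found

def dedupe_findings(responses: Dict[str, str]) -> List[dict]:
    """Collapse per-path results into at most one finding per header."""
    per_header: Dict[str, dict] = {}
    for path, raw in responses.items():
        for name, ips in internal_ips_in_headers(raw).items():
            entry = per_header.setdefault(name, {"header": name, "ips": set(), "paths": []})
            entry["ips"] |= ips
            entry["paths"].append(path)
    return [{**e, "ips": sorted(e["ips"])} for e in per_header.values()]

# Constructed from the 401 response quoted in the thread (body omitted).
SAMPLE_401 = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "content-type: text/html\r\n"
    "server: Microsoft-IIS/7.0\r\n"
    'www-authenticate: Basic realm="10.2.0.18"\r\n'
    "x-powered-by: ASP.NET\r\n\r\n"
)
```

Feeding the same response for 18 assumed paths to dedupe_findings yields a single finding that lists all 18 paths instead of 18 separate reports.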