FYI,<br><br>in case others face the same issue. Here is the cure.<br><br> Actually I have been using a config file from previous Nikto rlz, this is why I had the problem.<br><br>Rgds,<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>
From: <b class="gmail_sendername">david lodge</b> <span dir="ltr"><<a href="mailto:resident.deity@gmail.com" target="_blank">resident.deity@gmail.com</a>></span><br>Date: 2009/5/5<br>Subject: Re: [Nikto-discuss] The basics of Nikto<br>
To: <a href="mailto:titansteamadmin@gmail.com" target="_blank">titansteamadmin@gmail.com</a><br>Cc: <a href="mailto:dave@cirt.net" target="_blank">dave@cirt.net</a><br><br><br>[From my gmail account as I can't access my cirt account from work]<br>
<br>
There is a known bug in 2.03 of nikto, where it fails to recognise a<br>
web server if a pre-2.03 configuration file is being used.<br>
<br>
You should be able to see this by running a scan with -D V and seeing<br>
what it's doing:<br>
D:\tools\nikto>nikto.pl -host <a href="http://127.0.0.1:8081" target="_blank">127.0.0.1:8081</a> -D V<br>
- Nikto v2.03/2.04<br>
---------------------------------------------------------------------------<br>
V:Tue May 5 13:41:59 2009 - Testing open ports for web servers<br>
V:Tue May 5 13:41:59 2009 - Checking for HTTP on port <a href="http://127.0.0.1:8081" target="_blank">127.0.0.1:8081</a>, using HEA<br>
D<br>
+ Target IP: 127.0.0.1<br>
+ Target Hostname: localhost<br>
+ Target Port: 8081<br>
+ Start Time: 2009-05-06 13:42:00<br>
---------------------------------------------------------------------------<br>
<br>
If you run it with a -D V and you can't see the "Checking for HTTP"<br>
line then you have this problem. In this case, check your config.txt<br>
for the below line:<br>
CHECKMETHODS=HEAD GET<br>
<br>
If this is missing, add it and it should (hopefully) work. This is a<br>
bug fixed in Nikto 2.10 (development version).<br>
<br>
If your configuration file has this, send me a redacted version of the<br>
-D DV output and I'll have a look at it (please make sure that you<br>
include <a href="mailto:dave@cirt.net" target="_blank">dave@cirt.net</a> in the email list - I normally only use this<br>
email address for mailing lists).<br>
<br>
Thanks<br>
<br>
dave<br>
</div><br>