I don't see anything in the http book suggesting that this is an invalid request. In testing, I see expected responses from requests which have the host in both the host header and the URL. <div><br></div><div>Am I missing something? If you're seeing responses from the server indicating an invalid request, have you tried more than one server and confirmed nothing in the burp proxy is changing the request? </div>
<div><br></div><div>Thanks</div><div>Sullo</div><div><br><br><div class="gmail_quote">On Sun, Dec 9, 2012 at 6:30 AM, Balázs Zoltán <span dir="ltr"><<a href="mailto:zoltan1.balazs@gmail.com" target="_blank">zoltan1.balazs@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi all,<br>
<br>
I have found a bug in nikto while scanning SSL sites. For the test I<br>
set up a burp proxy locally so I can see all the traffic.<br>
The bug is in the GET resource, where the vhost is included in the<br>
request, so every request to an SSL site is a bad request.<br>
<br>
Nikto command:<br>
perl <a href="http://nikto.pl" target="_blank">nikto.pl</a> -config nikto.conf -host <a href="http://cirt.net" target="_blank">cirt.net</a> -vhost <a href="http://cirt.net" target="_blank">cirt.net</a> --useproxy<br>
<br>
Request generated (valid request):<br>
GET / HTTP/1.1<br>
Connection: Keep-Alive<br>
User-Agent: Mozilla/5.00<br>
Host: <a href="http://cirt.net" target="_blank">cirt.net</a><br>
<br>
#####################################################################################<br>
<br>
Nikto command:<br>
perl <a href="http://nikto.pl" target="_blank">nikto.pl</a> -config nikto.conf -host <a href="http://cirt.net" target="_blank">cirt.net</a> -port 443 -ssl -vhost<br>
<a href="http://cirt.net" target="_blank">cirt.net</a> --useproxy<br>
<br>
Invalid request generated:<br>
GET <a href="https://cirt.net:443/" target="_blank">https://cirt.net:443/</a> HTTP/1.1<br>
Connection: Keep-Alive<br>
User-Agent: Mozilla/5.00<br>
Host: <a href="http://cirt.net:443" target="_blank">cirt.net:443</a><br>
<br>
Regards<br>
Zoltan<br>
_______________________________________________<br>
Nikto-discuss mailing list<br>
<a href="mailto:Nikto-discuss@attrition.org">Nikto-discuss@attrition.org</a><br>
<a href="https://attrition.org/mailman/listinfo/nikto-discuss" target="_blank">https://attrition.org/mailman/listinfo/nikto-discuss</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><br><a href="http://www.cirt.net" target="_blank">http://www.cirt.net</a> | <a href="http://richsec.com/" target="_blank">http://richsec.com/</a><br>
</div>