[Nikto-discuss] Nikto Not Finding Webserver
maddaemon at gmail.com
maddaemon at gmail.com
Thu Jan 15 14:05:15 UTC 2009
On Thu, Jan 15, 2009 at 4:43 AM, David Lodge <dave at cirt.net> wrote:
> On Wed, 14 Jan 2009 21:25:46 -0000, maddaemon at gmail.com
> <maddaemon at gmail.com> wrote:
> [results from a direct connection]
>>> Headers show the following (using both 80 & 443)
>>>
>>> HTTP/1.1 301 Moved Permanently
>>> Date: Wed, 14 Jan 2009 21:16:02 GMT
>>> Server: Apache
>>> Location: https://tracker.mydomain.tld
>>> Connection: close
>>> Content-Type: text/html; charset=iso-8859-1
>
> And that'll be the problem; the code from nikto does:
> if (defined $result{'whisker'}{'data'} && $result{'whisker'}->{'data'}
> =~ /speaking plain HTTP to an SSL/)
>
> Of course, the 301 doesn't return any data so it doesn't think that it's a
> valid port. Looks like we have a bug, but I'm not 100% certain of how to
> fix it; maybe we should check for error code, then check the appropriate
> header (e.g. in this case Location).
>
> Could you do me a favour and got to
> http://trac2.assembla.com/Nikto_2/newticket and raise a ticket for me so
> that I don't lose track of what I'm doing (you don't need an assembla
> account to raise a ticket, though you won't be able to track it
> automagically if you don't).
I'll do that as soon as I get to work. Should I let you know what the
ticket number (if any) is?
More information about the Nikto-discuss
mailing list