[Nikto-discuss] Nikto Not Finding Webserver

maddaemon at gmail.com maddaemon at gmail.com
Tue Jan 20 18:41:37 UTC 2009 

On Thu, Jan 15, 2009 at 1:55 PM, maddaemon at gmail.com
<maddaemon at gmail.com> wrote:
> Ticket #70 was opened.
>
> On Thu, Jan 15, 2009 at 4:43 AM, David Lodge <dave at cirt.net> wrote:
>> On Wed, 14 Jan 2009 21:25:46 -0000, maddaemon at gmail.com
>> <maddaemon at gmail.com> wrote:
>> [results from a direct connection]
>>>> Headers show the following (using both 80 & 443)
>>>>
>>>> HTTP/1.1 301 Moved Permanently
>>>> Date: Wed, 14 Jan 2009 21:16:02 GMT
>>>> Server: Apache
>>>> Location: https://tracker.mydomain.tld
>>>> Connection: close
>>>> Content-Type: text/html; charset=iso-8859-1
>>
>> And that'll be the problem; the code from nikto does:
>>     if (defined $result{'whisker'}{'data'} && $result{'whisker'}->{'data'}
>> =~ /speaking plain HTTP to an SSL/)
>>
>> Of course, the 301 doesn't return any data so it doesn't think that it's a
>> valid port. Looks like we have a bug, but I'm not 100% certain of how to
>> fix it; maybe we should check for error code, then check the appropriate
>> header (e.g. in this case Location).
>>
>> Could you do me a favour and got to
>> http://trac2.assembla.com/Nikto_2/newticket and raise a ticket for me so
>> that I don't lose track of what I'm doing (you don't need an assembla
>> account to raise a ticket, though you won't be able to track it
>> automagically if you don't).
>>
>> dave
>

I tried to update the ticket, but I can't seem to find a way to do that.

The CHECKMETHODS=HEAD GET wasn't in the nikto.conf, so I added it and
launched a scan.  It now appears that Nikto automatically detects the
redirect to SSL, and tests both port 80 as well as 443:

---------------------------------------------------------------------------
+ Target IP:          10.0.10.25
+ Target Hostname:    tracker.mydomain.tld
+ Target Port:        80
+ Start Time:         2009-01-21 13:32:04
---------------------------------------------------------------------------
+ Server: Apache
- Root page / redirects to: https://tracker.mydomain.tld
- Allowed HTTP Methods: GET, HEAD, OPTIONS
...
+ End Time:        2009-01-21 13:32:35 (31 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
---------------------------------------------------------------------------
+ Target IP:          10.0.10.25
+ Target Hostname:    tracker.mydomain.tld
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Ciphers: Unknown
                   Info:    Unknown
                   Subject: Unknown
+ Start Time:         2009-01-21 13:32:36

It still isn't able to get the ciphers list, but that's another issue entirely.

Thanks,
~MD

More information about the Nikto-discuss mailing list