[Nikto-discuss] Fwd: The basics of Nikto
titans team
titansteamadmin at gmail.com
Tue May 5 19:23:58 UTC 2009
FYI,
in case others face the same issue. Here is the cure.
Actually I have been using a config file from previous Nikto rlz, this is
why I had the problem.
Rgds,
---------- Forwarded message ----------
From: david lodge <resident.deity at gmail.com>
Date: 2009/5/5
Subject: Re: [Nikto-discuss] The basics of Nikto
To: titansteamadmin at gmail.com
Cc: dave at cirt.net
[From my gmail account as I can't access my cirt account from work]
There is a known bug in 2.03 of nikto, where it fails to recognise a
web server if a pre-2.03 configuration file is being used.
You should be able to see this by running a scan with -D V and seeing
what it's doing:
D:\tools\nikto>nikto.pl -host 127.0.0.1:8081 -D V
- Nikto v2.03/2.04
---------------------------------------------------------------------------
V:Tue May 5 13:41:59 2009 - Testing open ports for web servers
V:Tue May 5 13:41:59 2009 - Checking for HTTP on port 127.0.0.1:8081, using
HEA
D
+ Target IP: 127.0.0.1
+ Target Hostname: localhost
+ Target Port: 8081
+ Start Time: 2009-05-06 13:42:00
---------------------------------------------------------------------------
If you run it with a -D V and you can't see the "Checking for HTTP"
line then you have this problem. In this case, check your config.txt
for the below line:
CHECKMETHODS=HEAD GET
If this is missing, add it and it should (hopefully) work. This is a
bug fixed in Nikto 2.10 (development version).
If your configuration file has this, send me a redacted version of the
-D DV output and I'll have a look at it (please make sure that you
include dave at cirt.net in the email list - I normally only use this
email address for mailing lists).
Thanks
dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/nikto-discuss/attachments/20090505/0d4b2826/attachment.html
More information about the Nikto-discuss
mailing list