[Nikto-discuss] False positives ?
David Lodge
dave at cirt.net
Mon May 11 14:10:54 UTC 2009
Nick, I sent you an email about this this morning.
On Mon, 11 May 2009 14:51:30 +0100, Thomas Raef <traef at ebasedsecurity.com>
wrote:
> I've noticed these false positives as well.
> If you have a default 404 page, you'll see these false positives as the
> URL issued with the GET command does return a page - your default 404
> page - so it assumes that since it issued a command and received a result
> the command must have worked.
> Those have been my findings anyway. Anyone have more information?
In my experience it tends to happen when the web server returns a 200 and
then returns a reader-friendly page to say "file not found". Nikto does
perform some checks to attempt to work out non-404 404 pages, but it can't
always get them.
If you can send me any examples of pages (either the output from a
nikto.pl -D d or the page itself) then I can use this to improve the
matching algorithms.
Thanks
dave
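An added illustration, not code from Nikto or from this thread, of the kind of "non-404 404" matching Dave describes: fetch a path that cannot exist, fingerprint the server's friendly "file not found" reply, and treat any later 200 reply that matches that fingerprint as a miss rather than a hit. The probe path, the sample responses and the 0.9 similarity threshold are constructed assumptions.

```python
import re
from difflib import SequenceMatcher

def normalize(body, requested_path):
    """Strip the parts of a friendly 'not found' page that vary per request
    (the echoed path, counters/ids, whitespace) so that two renderings of the
    same template compare equal."""
    text = body.replace(requested_path, "")
    text = re.sub(r"\d+", "", text)
    return re.sub(r"\s+", " ", text).strip().lower()

def baseline(status, body, probe_path):
    """Fingerprint the reply to a path that is known not to exist."""
    return {"status": status, "norm": normalize(body, probe_path)}

def classify(base, status, body, path, threshold=0.9):
    """Return 'missing' for real or disguised 404s, 'found' otherwise.
    threshold (assumed value) is the similarity above which a reply is taken
    to be the same template as the baseline 'not found' page."""
    if status == 404:
        return "missing"
    if status != base["status"]:
        return "found"
    norm = normalize(body, path)
    if norm == base["norm"]:
        return "missing"
    ratio = SequenceMatcher(None, base["norm"], norm).ratio()
    return "missing" if ratio >= threshold else "found"

# Constructed sample: a server that answers 200 with a friendly error page
# instead of a 404, which is exactly what produces the false positives.
PROBE = "/nikto-probe-a1b2c3/"
NOT_FOUND_TMPL = ("<html><body><h1>Oops!</h1><p>We could not find {path} on "
                  "this site.</p><p>Request id {rid}</p></body></html>")
PHPINFO_PAGE = ("<html><head><title>phpinfo()</title></head>"
                "<body>PHP Version 5.2.9</body></html>")
BASE = baseline(200, NOT_FOUND_TMPL.format(path=PROBE, rid=4821), PROBE)

def run_sample():
    """Classify three constructed replies against the baseline fingerprint."""
    admin = NOT_FOUND_TMPL.format(path="/admin/config.php", rid=4822)
    return {
        "/admin/config.php": classify(BASE, 200, admin, "/admin/config.php"),
        "/phpinfo.php": classify(BASE, 200, PHPINFO_PAGE, "/phpinfo.php"),
        "/old.bak": classify(BASE, 404, "Not Found", "/old.bak"),
    }

if __name__ == "__main__":
    for path, verdict in run_sample().items():
        print(f"{path}: {verdict}")
```

The baseline should be refreshed per host (and ideally per extension, since many servers use different error templates for .php, .asp and static files), and a single probe is a minimum; two or three random paths reduce the chance of fingerprinting a page that itself varies.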