[Nikto-discuss] internal IP not pulled out

Sullo csullo at gmail.com
Wed Feb 24 00:10:03 CST 2016


Robin--

Thanks for pointing this out--finally got a chance to take a look at
it. I've committed some changes to report the correct header when it's
in www-authenticate (which is why it was blank) and also only alert 1
time for each of the 3 possible headers. So at max you could have 3
reports if your target had all 3 issues, which seems unlikely.

Please test if you can to see if this resolves it.

-Sullo


On Wed, Feb 17, 2016 at 4:13 AM, Robin Wood <robin at digi.ninja> wrote:
> I've just run a scan and in the results got 18 copies of this issue
> for one of the IPs:
>
> + OSVDB-630: GET Microsoft Exchange Systems (CAS and OWA) may reveal
> their internal or real IP in the WWW-Authenticate header via a request
> over HTTP/1.0. The value is "".
>
> Looking in the save file the internal IP is there:
>
> HTTP/1.1 401 Unauthorized
> content-type: text/html
> server: Microsoft-IIS/7.0
> www-authenticate: Basic realm="10.2.0.18"
> x-powered-by: ASP.NET
> date: Tue, 16 Feb 2016 16:51:21 GMT
> connection: keep-alive
> content-length: 1293
>
> The repeated results are caused by it hitting 18 different directories
> which I think is a good idea but I think it should de-duplicate the
> results so there is only a single issue raised if they all match.
>
> Robin



-- 

http://www.cirt.net     |      http://rvasec.com/
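
Added example, not part of the original thread and not Nikto's own code: one way to do the de-duplication discussed above, pulling RFC 1918 addresses out of response headers and reporting each (header, address) pair once across all scanned paths. Only WWW-Authenticate is named in the thread; the other two header names, the function names and the sample paths are assumptions.

```python
import ipaddress
import re

# Assumption: the thread names only WWW-Authenticate; the other two entries
# stand in for "the 3 possible headers" and can be changed.
CANDIDATE_HEADERS = ("www-authenticate", "location", "content-location")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Dotted quad not embedded in a longer dotted/numeric token (e.g. 1.2.3.4.5).
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


def private_ips(value):
    """Return the RFC 1918 IPv4 addresses found in a header value, in order."""
    found = []
    for candidate in IPV4_RE.findall(value):
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:  # out-of-range octets such as 999.1.1.1
            continue
        if any(addr in net for net in RFC1918) and candidate not in found:
            found.append(candidate)
    return found


def dedupe_findings(responses):
    """Map (header, ip) -> list of paths, so each leak is reported once.

    responses is an iterable of (path, headers_dict) pairs.
    """
    findings = {}
    for path, headers in responses:
        lowered = {k.lower(): v for k, v in headers.items()}
        for name in CANDIDATE_HEADERS:
            for ip in private_ips(lowered.get(name, "")):
                findings.setdefault((name, ip), []).append(path)
    return findings


# Constructed sample: 18 directories returning the 401 quoted in the thread,
# plus one response whose realm holds a public (documentation-range) address.
SAMPLE = [(f"/dir{i}/", {"Server": "Microsoft-IIS/7.0",
                         "WWW-Authenticate": 'Basic realm="10.2.0.18"'})
          for i in range(18)]
SAMPLE.append(("/public/", {"WWW-Authenticate": 'Basic realm="203.0.113.7"'}))

if __name__ == "__main__":
    for (header, ip), paths in dedupe_findings(SAMPLE).items():
        print(f"{header}: internal IP {ip} seen on {len(paths)} paths")
```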

