Usando o Nikto webserver scanner
O Nikto é web server scanner escrito em perl usado para detectar vulnerabilidades em servidores web. Ele é muito simples de ser usado e atualizado gerando relatórios em txt,html e csv.
Baixando o Nikto
Não é necessário fazer a instalação do mesmo pois ele é um script perl.
Help do Nikto
-Cgidirs+ scan these CGI dirs: ‘none’, ‘all’, or values like “/cgi/ /cgi-a/”
-dbcheck check database and other key files for syntax errors (cannot be abbreviated)
-evasion+ ids evasion technique
-Format+ save file (-o) format
-host+ target host
-Help Extended help information
-id+ host authentication to use, format is userid:password
-mutate+ Guess additional file names
-output+ write output to this file
-port+ port to use (default 80)
-Display+ turn on/off display outputs
-ssl force ssl mode on port
-Single Single request mode
-timeout+ timeout (default 2 seconds)
-Tuning+ scan tuning
-update update databases and plugins from cirt.net (cannot be abbreviated)
-Version print plugin and database versions
-vhost+ virtual host (for Host header)
+ requires a value
Atualizando os plugins
./nikto.pl -update
Usando o Nikto
./nikto.pl -C all -host 200.128.X.X -o vitima.txt
– C all – Força a checagem de todos os diretórios em busca de cgi
– host – Ip da vitima
-o – Gera um arquivo de relatório
Relatório gerado
– Nikto 2.02/2.03 – cirt.net
+ Target IP: 200.128.X.X
+ Target Hostname: Vitima
+ Target Port: 80
+ Start Time: 2008-02-23 23:39:34
—————————————————————————
+ Server: Apache/2.0.54 (Win32) PHP/5.1.4
– Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP method (‘Allow’ Header): ‘TRACE’ is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ Apache/2.0.54 appears to be outdated (current is at least Apache/2.2.6). Apache 1.3.39 and 2.0.61 are also current.
+ PHP/5.1.4 appears to be outdated (current is at least 5.2.5)
+ OSVDB-0: GET /………………/config.sys : PWS allows files to be read by prepending multiple ‘.’ characters. At worst, IIS, not PWS, should be used.
+ OSVDB-877: TRACE / : TRACE option appears to allow XSS or credential theft. See http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf for details
+ OSVDB-3092: GET /manual/ : Web server manual found.
+ OSVDB-3233: GET /index.html.var : Apache default foreign language file found. All default files should be removed from the web server as they may give an attacker additional system information.
+ OSVDB-3268: GET /icons/ : Directory indexing is enabled: /icons
+ OSVDB-3268: GET /manual/images/ : Directory indexing is enabled: /manual/images
+ OSVDB-6659: GET /h2vP3F1siX65X0gGCoedXf11K8PpZSTPQP599a3I4u0TTqw1nGlL616opBSyM7IxVsF3TVoyZtpH59PqXNhFuRiEw4wGseD97ZeeLbLfvLoQcijFLIvNLslTZt3nd687RcPNpahPUA2FAPgiuADL5939Ic4es2fwarKmkKfW2XJrkRrQtPaOMYZnPCGDzZ7pw8xJ8b56GiWdh2nxFw5GE8z6TOgSWfJDEFACED<!–//– : MyWebServer 1.0.2 is vulnerable to HTML injection. Upgrade to a later version.
+ 17457 items checked: 11 item(s) reported on remote host
+ End Time: 2008-02-24 0:32:00 (3192 seconds)
—————————————————————————
+ 1 host(s) tested
Esse e outros artigos podem ser encontrados na Wiki do Time de Segurança
Hi there! Would you mind if I share your blog with my facebook group?
There’s a lot of people that I think would really appreciate your content. Please let me know. Thank you
Hi! I know this is somewhat off topic but I was wondering which blog platform are you using
for this website? I’m getting fed up of WordPress because I’ve had issues with hackers and I’m looking at options for another platform. I would be great if you could point me in the direction of a good platform.
I’m really enjoying the design and layout of your site. It’s a
very easy on the eyes which makes it much more enjoyable for
me to come here and visit more often. Did you
hire out a designer to create your theme? Great work!
Nice write up. I study something similar here at Virginia
Tech. It’s definitively exciting to know material from other people and observe a little bit from their source. If it’s okay, I’d seriously appreciate it if I re-post use some of the articles on your blog. And of course, I’ll put up a link
to your site at wordpress.com on my own blog. Kudos
for sharing.