[研究] Nikto2 v2.1.5 安裝與使用 (Fedora 18)
2013-02-14
Nikto2 是 Web Server Scanner
官方網站
http://www.cirt.net/nikto2
安裝
wget http://www.cirt.net/nikto/nikto-current.tar.gz tar zxvf nikto-current.tar.gz cd nikto-2.1.5 chomd +x nikto.pl |
請從另一台去攻擊受測主機測試 (-h 參數表示目的主機)
[root@localhost nikto-2.1.5]# ./nikto.pl -h 192.168.128.101 - ***** SSL support not available (see docs for SSL install) ***** - Nikto v2.1.5 --------------------------------------------------------------------------- + Target IP: 192.168.128.101 + Target Hostname: 192.168.128.101 + Target Port: 80 + Start Time: 2013-02-14 00:49:49 (GMT8) --------------------------------------------------------------------------- + Server: Apache/2.2.15 (CentOS) + Server leaks inodes via ETags, header found with file /, inode: 1195098, size: 5, mtime: 0x4d549dfc6839f + The anti-clickjacking X-Frame-Options header is not present. + Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current. + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST + OSVDB-3268: /icons/: Directory indexing found. + OSVDB-3233: /icons/README: Apache default file found. + 6544 items checked: 0 error(s) and 7 item(s) reported on remote host + End Time: 2013-02-14 00:50:27 (GMT8) (38 seconds) --------------------------------------------------------------------------- + 1 host(s) tested [root@localhost nikto-2.1.5]# |
(完)
[研究] Nikto2 v2.1.4 安裝與使用 (Fedora 18 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=79316
[研究] Nikto2 v2.1.5 安裝與使用 (CentOS 6.3 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=79226
[研究] Nikto2 v2.1.4 安裝與使用 (Fedora 15 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20385
[研究] Nikto2 v2.1.4 Web Scanner 安裝與使用 (CentOS 6.0 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?p=63655
沒有留言:
張貼留言