Nikto
4 likes6,911 views
Nikto is a free and open source web server scanner used to identify vulnerabilities and help secure servers. It tests servers for over 6,500 dangerous files and scripts, outdated versions of software, and misconfigurations. Nikto scans target servers and outputs results that can help identify security problems. It has advantages like being fast, versatile, and open source, while its only disadvantage is needing to run via the command line.
Nikto
- 1. Nikto Sorina-Georgiana CHIRILĂ Faculty of Computer Science Alexandru Ioan Cuza University, Iași, Romania Software Security - 2013
- 2. Overview ● ● ● ● ● ● ● ● ● Idea What is “Nikto” ? Technical details Structure Installation Case Studies Features Advantages/Disadvantages Resources
- 3. Idea ● You manage several Web servers/applications ● Need to find potential problems and security vulnerabilities, including: - Server and software misconfigurations - Default files and programs - Insecure files and programs - Outdated servers and programs
- 4. What is “Nikto” ? ● ● ● ● ● ● Web server scanner, Created by : David Lodge and Chris Sullo, Version 1.00 Beta released on: December 27, 2001 Current version: 2.1.5, Written in: Perl, The name is taken from the movie: The Day The Earth Stood Still, ● Sponsored by: Sunera LLC, ● Official page : http://www.cirt.net/nikto2.
- 5. Technical details ● ● Open source, with support for SSL connections, Performs test against web servers for multiple items: - Looks for over 6500 potentially dangerous files/CGIs, - Checks for outdated versions of over 1250 servers, - Looks for version specific problems on over 270 servers, - Attempts to identify installed web servers and software, - Checks for the presence of multiple index files and HTTP server options, ● Output can be saved in a variety of formats: text, XML, HTML.
- 6. Structure Tests against vulnerabilities : databases folder Performed with code from: plugins directory Main File :nikto.pl Replay File :replay.pl replay a saved request
- 7. Installation ● Runs on Windows , Mac, Linux : any system with support for basic Perl installation, allow Nikton to run. ● Requirements for Windows usage: ActiveState Perl : typicall setting, Nikto : download and extract the archive content.
- 8. Command line tool n e e d s e c . c o m perl nikto.pl -host name.ro -port 80 perl nikto.pl -h name.ro -p 80
- 9. Simple Scan perl nikto.pl -h 127.0.0.1 -p 80 Open Sourced Vulnerability Database Testing will reveal scripts, files and directories that may leak information or have security problems
- 10. Case studies ● ● ● ● ● ● ● perl nikto.pl -h 127.0.0.1 perl nikto.pl -h localhost -p 80,8080 perl nikto.pl -h hosts.txt perl nikto.pl -h 127.0.0.1 -o results.txt perl nikto.pl -h localhost -o results.html perl nikto.pl -h 127.0.0.1 -dbcheck perl nikto.pl -h localhost -update
- 11. Features ● ● ● ● ● ● SSL support, Template engine to easily customize reports, Support for LibWhisker’s antiIDS methods, Easily updated via command line Thorough documentation, Projects like Wikto, MackNikto and Services like Edgeos.com and HackerTarget.com which are related to Nikto or incorporate/use Nikto databases, ● ● ● ● Scans multiple ports on a server, or multiple servers via input file (including nmap output), Logging to Metasploit, Full HTTP proxy support - so by using a tool (like Buirp Suite) that can intercept the http requests and show them in proper format, we can analyse the queries made by Nikto and discover vulnerabilities, It can be integrated in Nessus.
- 12. ● ● ● ● Fast, versatile tool , Written in Perl , it can be run in any host operating system, Open source - it can be easily extended and customized, Diverse output formats - easy to integrate with other penetration testing tools. Advantages ● / Runs at the command line , without any graphical user interface (GUI). Disadvantages
- 15. Questions ?