What is Nikto web scanner and it’s use ?
Nikto Web-scanner is a open source web-server scanner which can be used to scan the web-servers for malicious programs and files. Nikto can be used to scan the outdated versions of programs too. Nikto will provide us a quick and easy scan to find out the dangerous files and programs in server, At the end of scan result with a log file. Using nikto we can scan http, https, httpd traffics too.
To run the Nikto we don’t need any hard resource using software’s, If our server installed with Perl it’s fine to run the nikto. It’s available for every Operating systems such as Linux, Unix like RedHat, Centos, Debian, Ubuntu,Solaris, BackTrack, MacOSX. Supports SSL, http proxy, Scan multiple ports on a server, Check for outdated server components etc.. We can get the output of result in following formats TXT, CSV, HTML, XML.
Newly released version of Nikto Web scanner:
Nikto released it’s version 2.1.5 in 2012 but it’s under updates for each and every new vulnerabilities till date.
vulnerabilities Database:
We can find each and every vulnerabilities database in following URL.
以上云云(自行google).
环境要求:
Hostname prodsrv.unixmen.com (prodsrv)
IP address 192.168.230.151
Operating system Ubuntu 14.04 LTS
执行如下命令检查主机名 IP地址 系统版本
hostname
ifconfig |grep inet
lsb_release -a
安装开始:
登录官网https://cirt.net/Nikto2,官方列出了两种格式的安装包.
https://cirt.net/nikto/nikto-2.1.5.tar.bz2 https://cirt.net/nikto/nikto-2.1.5.tar.gz
下载安装包
wget https://cirt.net/nikto/nikto-2.1.5.tar.gz
tar -zxvf nikto-2.1.5.tar.gz
移动nikto-2.1.5下的所有文件到/usr/local/bin下:
cd ~
sudo cp -apvf nikto-2.1.5/* /usr/local/bin/
ls -l /usr/local/bin/
* Nikto config file need to be in /etc/, But now it’s currently under /usr/local/bin/ While having a look into conf we can find that nikto will skip the scan for ports 21 & 111, And from were it want to download it’s update and much more.
sudo vim /usr/local/bin/nikto-2.1.5/nikto.conf
创建配置文件链接并配置权限
我们需要为conf文件在/etc/目录下创建一个链接(软连接).并赋予nikto.pl 755权限:
sudo ln -s /usr/local/bin/nikto.conf /etc/nikto.conf
ls -l /etc/nikto.conf
sudo chmod 755 /usr/local/bin/nikto.pl
ls -l /usr/local/bin/nikto.pl
更新nikto数据库(初始化)
再进行任何扫描前需要先更新nikto数据库文件.
sudo /usr/local/bin/nikto.pl -update
执行如下命令可列出nikto下可供使用的插件:
nikto.pl -list-plugins // To list the installed plugins //
开始扫描:
扫描某站点时,我们可以使用”-h”选项,然后执行扫描.
nikto.pl -h www.unixmen.com // To scan a website //
在扫面多端口时我们可以使用”-p”选项,然后执行扫描:
nikto.pl -h www.google.com -p 80,443
如果你需要看到整个扫描的过程,可以使用Display选项(-D)
nikto.pl -D v -h www.google.com
-D = Display
v = Verbose
-h = hostname
在进行特定的扫描时需要调整的参数项:
在测试中我们可以针对测试需要调整对应的参数,使用x选项我们可以排除我们不需要的目标。以下参数可用于特定的扫描:
0 – File Upload
1 – Interesting File // we will get in logs
2 – Misconfiguration / Default File
3 – Information Disclosure
4 – Injection (XSS/Script/HTML)
5 – Remote File Retrieval – Inside Web Root
6 – Denial of Service // Scan for DDOS
7 – Remote File Retrieval – Server Wide
8 – Command Execution // Remote Shell
9 – SQL Injection // Scan for mysql vulnerabilities
a – Authentication Bypass
b – Software Identification
c – Remote Source Inclusion
x – Reverse Tuning Options
如果扫描存在SQL漏洞的站点,单项测试在很短的时间就可以搞定.但如不指定单项测试的话,将花费数小时之久.
对于多项测试执行扫描命令:
nikto.pl -Tuning 69 -h www.isanalytics.com
扫描,并将结果保存到指定文件,可以使用下面的命令来查找漏洞.
nikto.pl -Display V -o nikto_scan_result.html -Format html -h 192.168.0.166
扫描完成后我们会在当前目录得到以html格式保存的扫描结果文件,如下所示.
这样我们将得到一份格式化的html输出文件,使用的html文件来查找漏洞。
我们已经明了针对若干漏洞该如何保护我们的网站。要获取最新的漏洞信息,我们需要保证扫描之前更新nkito数据库。
参考:
Home page : https://cirt.net/Nikto2
Documentation : https://cirt.net/nikto2-docs/
Development : https://github.com/sullo/nikto
对于使用Web站点测试的人员来说,nikto将是最为有力的工具之一.它将成为你进行Web测试的一个可喜选择,对提升你的站点安全起到应有的作用.
翻译: http://www.unixmen.com/install-nikto-web-scanner-check-vulnerabilities/
扫一扫
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
