Saturday, February 20, 23:33

Nikto: How to find web vulnerabilities with the open source tool

One of the first steps an ethical hacker or penetration tester takes when testing a web application is to identify the vulnerabilities associated with it. One of the tools for this purpose is the well-known Nikto.

Nikto is a very simple tool written in Perl, and its purpose is to check a website (i.e. a web application) for security vulnerabilities. As a result, it returns the vulnerabilities that an attacker could exploit to compromise the website.

Although very simple to use, it is a tool that can be detected, since any website that uses an Intrusion Detection System (IDS) will be able to detect it.
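The detectability point above, seen from the defender's side, as an added example that is not part of the original article: a Python sketch that flags Nikto-style scans in a web server access log. It assumes the combined log format and Nikto's default User-Agent string (which contains "Nikto"); the log lines, function name and threshold are constructed for illustration, and the 404 check is there so detection does not rely on the User-Agent alone.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample lines (not taken from a real server).
SAMPLE_LOG = """\
10.0.0.5 - - [20/Feb/2021:23:30:01 +0200] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
10.0.0.9 - - [20/Feb/2021:23:30:02 +0200] "GET /cgi-bin/test.cgi HTTP/1.1" 404 196 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000001)"
10.0.0.9 - - [20/Feb/2021:23:30:02 +0200] "GET /admin/ HTTP/1.1" 403 199 "-" "Mozilla/5.00 (Nikto/2.1.6) (Evasions:None) (Test:000002)"
10.0.0.12 - - [20/Feb/2021:23:30:03 +0200] "GET /backup.zip HTTP/1.1" 404 196 "-" "curl/7.74.0"
10.0.0.12 - - [20/Feb/2021:23:30:03 +0200] "GET /phpinfo.php HTTP/1.1" 404 196 "-" "curl/7.74.0"
10.0.0.12 - - [20/Feb/2021:23:30:03 +0200] "GET /.git/config HTTP/1.1" 404 196 "-" "curl/7.74.0"
10.0.0.12 - - [20/Feb/2021:23:30:04 +0200] "GET /server-status HTTP/1.1" 404 196 "-" "curl/7.74.0"
10.0.0.5 - - [20/Feb/2021:23:30:05 +0200] "GET /favicon.ico HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64)"
"""

def detect_scanners(log_text, not_found_threshold=4):
    """Return {ip: sorted reasons} for clients that look like a vulnerability scan."""
    ua_hits = set()
    missing = defaultdict(set)  # ip -> distinct paths answered with 404
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        if "nikto" in m["ua"].lower():
            ua_hits.add(m["ip"])
        if m["status"] == "404":
            missing[m["ip"]].add(m["path"])
    findings = defaultdict(list)
    for ip in ua_hits:
        findings[ip].append("nikto-user-agent")
    for ip, paths in missing.items():
        # Many distinct non-existent paths from one client is typical of a scan.
        if len(paths) >= not_found_threshold:
            findings[ip].append("404-burst")
    return {ip: sorted(reasons) for ip, reasons in findings.items()}

if __name__ == "__main__":
    for ip, reasons in detect_scanners(SAMPLE_LOG).items():
        print(ip, reasons)
```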

How to install it

As you can imagine, Nikto is pre-installed on Kali Linux so you won't need to download or install it. You will find it in the "Vulnerability Analysis" category.

Ubuntu & Debian

Install Nikto on Ubuntu by running the following commands in a terminal:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install nikto -y

Windows

Follow the procedure below to install Nikto in a Windows environment:

  1. Install the Perl interpreter from here.
  2. Download Nikto's compressed folder.
  3. Extract the contents of the folder from step 2 to a location of your choice.
  4. Open a command prompt with administrator permissions.
  5. To check that Perl is installed correctly, run perl -v
  6. Then browse to Nikto's location (step 3), and
  7. Run the following command to start the scan: perl nikto.pl -h www.site.com

How to use it

To see the available parameters that we can use with Nikto, just open a terminal and type nikto -help. The result of the command is shown below:

root@kali:~# nikto -help
Unknown option: help

       -config+            Use this config file
       -Display+           Turn on/off display outputs
       -dbcheck            check database and other key files for syntax errors
       -Format+            save file (-o) format
       -Help               Extended help information
       -host+              target host/URL
       -id+                Host authentication to use, format is id:pass or id:pass:realm
       -list-plugins       List all available plugins
       -output+            Write output to this file
       -nossl              Disables using SSL
       -no404              Disables 404 checks
       -Plugins+           List of plugins to run (default: ALL)
       -port+              Port to use (default 80)
       -root+              Prepend root value to all requests, format is /directory
       -ssl                Force ssl mode on port
       -Tuning+            Scan tuning
       -timeout+           Timeout for requests (default 10 seconds)
       -update             Update databases and plugins from CIRT.net
       -Version            Print plugin and database versions
       -vhost+             Virtual host (for Host header)
           + requires a value

Note: This is the short help output. Use -H for full help text.

In the examples below, we ran Nikto scans on a site we use for testing purposes (IP: 192.168.142.130).

nikto -h 192.168.142.130

Nikto prints the vulnerabilities it finds to the screen.

nikto -h 192.168.142.130 -ssl

In the above command we selected the -ssl parameter to perform the scan on port 443 (HTTPS).

Nikto enables us to run a scan that checks for a specific type of vulnerability. The different types of vulnerabilities we can include in our checks are:

0 - File Upload

1 - Interesting File / Seen in logs

2 - Misconfiguration / Default File

3 - Information Disclosure

4 - Injection (XSS / Script / HTML)

5 - Remote File Retrieval - Inside Web Root

6 - Denial of Service

7 - Remote File Retrieval - Server Wide

8 - Command Execution / Remote Shell

9 - SQL Injection

a - Bypass Authentication

b - Software Identification

c - Remote Source Inclusion

The -Tuning x option allows us to invert our choice and check for all other vulnerability types except the one we set. For example:

nikto -h 192.168.142.130 -Tuning x6

The different formats we can use to store scan results are:

  • csv - Comma-separated-value
  • htm - HTML Format
  • msf+ - Log to Metasploit
  • nbe - Nessus NBE format
  • txt - Plain text (default if not specified)
  • xml - XML Format

So the following command will save the results of our scan to an xml file:

nikto -h 192.168.142.130 -o results.xml
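Once the results are saved as XML, they can be loaded for triage. The following is an added example, not part of the original article: it assumes the report uses scandetails elements (with targetip and targetport attributes) containing item elements with description and uri children. The sample report and its findings are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the assumed layout of a Nikto XML report:
# niktoscan > scandetails[@targetip, @targetport] > item[@id, @method]
# with <description> and <uri> children. Finding texts are illustrative.
SAMPLE_REPORT = """<?xml version="1.0" ?>
<niktoscan>
<scandetails targetip="192.168.142.130" targetport="80">
<item id="1" method="GET"><description><![CDATA[X-Frame-Options header is not present.]]></description><uri><![CDATA[/]]></uri></item>
<item id="2" method="GET"><description><![CDATA[X-Content-Type-Options header is not set.]]></description><uri><![CDATA[/]]></uri></item>
<item id="3" method="GET"><description><![CDATA[Directory indexing found.]]></description><uri><![CDATA[/icons/]]></uri></item>
</scandetails>
</niktoscan>
"""

def load_findings(xml_text):
    """Return one dict per <item>, tagged with the target it was found on."""
    root = ET.fromstring(xml_text)
    findings = []
    for scan in root.iter("scandetails"):
        target = f'{scan.get("targetip")}:{scan.get("targetport")}'
        for item in scan.iter("item"):
            findings.append({
                "target": target,
                "id": item.get("id"),
                "method": item.get("method"),
                # findtext returns None when the child is missing
                "uri": (item.findtext("uri") or "").strip(),
                "description": (item.findtext("description") or "").strip(),
            })
    return findings

def group_by_uri(findings):
    """Group descriptions by (target, uri) so each path is reviewed once."""
    grouped = defaultdict(list)
    for f in findings:
        grouped[(f["target"], f["uri"])].append(f["description"])
    return dict(grouped)

if __name__ == "__main__":
    for (target, uri), items in group_by_uri(load_findings(SAMPLE_REPORT)).items():
        print(target, uri, len(items), "finding(s)")
```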

Another option we can use is anonymous scanning. This is done by routing the web traffic through a proxy. First we need to modify the Nikto config file by running the following command:

nano /etc/nikto/config.txt

In the proxy settings, we need to update the values accordingly (proxy IP address and port):

# Proxy settings - still must be enabled by -useproxy
PROXYHOST=proxy_IP_address
PROXYPORT=port_number

We can now run our scan anonymously with the following command:

nikto -useproxy -h 192.168.142.130

 

How did Nikto look to you? Will you use it? We look forward to your comments ...


stormi