nikto_usage.html
From "A powerful CGI vulnerability scanner written in Perl" · HTML code · 332 lines in total · page 1 of 2
SKIPPORTS - Port number never to scan (so you don't crash services, perhaps?).<br>
PROXYHOST - Server to use as a proxy, either IP or hostname, no 'http://' needed.<br>
PROXYPORT - Port number that PROXYHOST uses as a proxy.<br>
PROXYUSER - If the PROXYHOST requires authentication, use this ID. Nikto will prompt for it if this is not set and it is needed.<br>
PROXYPASS - If the PROXYHOST requires a password for PROXYUSER, use this password. Nikto will prompt for it if this is not set and it is needed.<br>
PLUGINDIR - If Nikto can't find its plugin directory for some reason, enter the full path and the problem is solved.<br>
UPDATES - Turns data push to cirt.net on. Please see the CIRT.NET UPDATES section for details.<br>
MAX_WARN - If the number of OK or MOVED messages reaches this number, a warning will be printed.<br>
PROMPTS - If set to "no", Nikto will *never* prompt for anything--proxy auth, updates, nothing...<br>
DEFAULTHTTPVER - First try this HTTP method. If this fails, Nikto will attempt to find a valid one. Useful if you want to try something non-standard.<br>
STATIC-COOKIE - The name/value of this cookie, if set, will be sent for every request (useful for auth cookies).<br>
<br>
Variables that start with the 'at' sign (@) will be used when scan rules are loaded. For each value (separated by space), the rule<br>
will be duplicated.
See the TEST DATABASES section for more information.<br>
<br>
Predefined variables are:<br>
@CGIDIRS - CGI directories to look for, valid ones (or all) will be used for CGI checks against the remote host.<br>
@MUTATEDIRS - Additional directories to use when operating under the Mutate mode, besides the ones already defined in the .db files.<br>
@MUTATEFILES - Additional files to use when operating under the Mutate mode, besides the ones already defined in the .db files.<br>
@ADMINDIRS - Typical administration directories.<br>
@USERS - Typical user names for the user guessing plugins.<br>
<br>
<br><b>CIRT.NET UPDATES</b><br>
In order to help keep the Nikto databases up-to-date, you have the ability to easily submit some updates back to cirt.net for inclusion<br>
in new copies of the databases. Currently, this only includes software versions (such as "Apache/7.0.3"). If Nikto scans a host and sees a <br>
newer version on the host than it has in the database, or the version is missing entirely (and your databases are fairly recent), this information can<br>
be automatically (or manually) sent back to cirt.net. <br>
<br>
Behaviour of this option is controlled in config.txt through the UPDATES variable. If UPDATES is set to "no", Nikto will<br>
not send or ask about sending values to cirt.net. If set to "auto", it will automatically send the data through an HTTP request. If set to "yes"<br>
(which is the default), when there are updates it will ask if you would like to submit and show you the data (unless PROMPTS=no).<br>
<br>
There is only one thing submitted to cirt.net when you do this: the "updated" version string. No information specific to the host tested is sent.<br>
No information from the scanning source is sent (it does log your IP address as seen by cirt.net's web server, but... nothing else). <br>
<br>
If you're not comfortable with this, you may also email it to me at sullo@cirt.net or just set UPDATES=no. Please don't complain and say I'm <br>
stealing your data...
just trying to save me some work ;)<br>
<br>
Again: the default configuration of Nikto does *not* send *any* data to cirt.net.<br><br>
<br><b>TEST DATABASES</b><br>
Rules in the scan databases can use dynamic variables from config.txt. Any variable that starts with the 'at' sign (@)<br>
will be substituted in rules. For example:<br>
<br>
A rule of "generic","@CGIDIRStest.html","200","GET","Test" with "@CGIDIRS=/cgi-bin/ /cgi-sys/" will test for:<br>
/cgi-bin/test.html<br>
/cgi-sys/test.html<br><br>
Any number of these variables can be set, and any number can be used in a rule (e.g., "@CGIDIRS@ADMINDIRStest.html").<br>
Additionally, the generic @HOSTNAME and @IP are available, which use the current target's hostname or IP.<br>
<br>
Rules can also specify conditionals for test success. This allows a test to look for a 200 HTTP response<br>
that does not contain the word "home". This would look like "200!home" in the scan_database.db file.<br>
<br><b>EXAMPLES</b><br>
A basic scan of a web server on port 80. The -h option is the only option that is required for a basic scan of a web<br>
server on the standard HTTP port.<br>
<br>
nikto.pl -h 10.100.100.10<br>
<br>
A basic scan of a web server on port 443, forcing SSL encryption and ignoring the Server header.
Note that Nikto does<br>
not assume port 443 to be SSL, but if HTTP fails it will try HTTPS.<br>
<br>
nikto.pl -h 10.100.100.10 -p 443 -s -g<br>
<br>
Scanning multiple ports on the server, letting Nikto determine if they are HTTP and SSL encrypted.<br>
<br>
nikto.pl -h 10.100.100.10 -p 80-90 <br>
<br>
Scanning specific ports on the system.<br><br>
nikto.pl -h 10.100.100.10 -p 80,443,8000,8080<br><br>
You may combine IDS evasion techniques as desired.<br>
<br>
nikto.pl -h 10.100.100.10 -p 80 -e 167<br><br>
<br><b>IMPORTANT FILES</b><br>
config.txt - run-time configuration options, see the CONFIG FILE section<br>
nikto_core.plugin - main Nikto code, absolutely required<br>
nikto_plugin_order.txt - determines the order in which plugins are executed<br>
LW.pm - The stand-alone LibWhisker file.<br>
user_scan_database.db - If it exists in the plugins directory, Nikto will load these checks as well. Same syntax as scan_database.db<br><br>
<br><b>ADDITIONAL SOFTWARE</b><br>
LibWhisker is required for proper execution of Nikto. The LW.pm library is included with Nikto, but it is recommended<br>
that you download and install the full LibWhisker module from http://www.wiretrip.net/. If you are not using an installed<br>
LibWhisker, you will need to change Nikto.pl so that it includes the proper LW.pm file. Edit Nikto.pl and comment the line:<br>
use LW;<br>
and uncomment the line below it:<br>
require "./plugins/LW.pm";<br>
<br>
nmap can be used to speed up port scans. This should be much faster than relying on PERL code to perform port scans. Nmap can<br>
be obtained from http://www.nmap.org/; it is not included with Nikto.<br>
<br>
SSL software is required to test using HTTPS. For Windows systems, the SSL software and libraries can be obtained from<br>
http://www.activestate.com/.
For unix systems, OpenSSL from http://www.openssl.org/ and the Net::SSLeay module from<br>
http://www.cpan.org/ are required.<br><br>
<b>CHECKS</b><br>
Checks, both information and actual security problems, are derived from a number of sources. These include the mailing lists<br>
BugTraq, NTBugTraq, WebAppSec (WWW-Mobile-Code), and others, as well as the web sites www.securitytracker.com, www.securiteam.com, <br>
www.packetstormsecurity.com and www.securityfocus.com. Additionally, updates to Nessus are watched; many thanks to<br>
all the plugin writers (and to Renaud for Nessus itself) (http://www.nessus.org/).<br><br>
<b>WARNINGS</b><br>
Nikto can cause harm to your local system, the remote system and/or the network. Some options can generate over 70,000 <br>
HTTP requests to a target. Do not run Nikto against hosts you are not authorized to perform testing against. Cirt.net<br>
takes no responsibility for anything done with this software, any problems it may cause or problems it may find.<br>
<br>
Plugins are standard PERL. They are included and executed when Nikto is run. If you run the -update option, new and<br>
updated plugins will be downloaded from cirt.net. This means you are downloading code, and potentially running it, <br>
without viewing it yourself. Please consider the implications. Do not assume code distributed from Cirt.net is not<br>
harmful, as accidents happen and a malicious third party may have inserted a dangerous plugin.
Cirt.net assumes no <br>
responsibility if any malicious code is delivered via the -update option.<br>
<br><br><b>DISTRIBUTION</b><br>
Nikto and updated databases and plugins are distributed from http://www.cirt.net/<br>
<br>
<br><b>SEE ALSO</b><br>
LibWhisker - http://www.wiretrip.net/<br>
Nmap - http://www.nmap.org/<br>
OpenSSL - http://www.openssl.org/<br>
CPAN - http://www.cpan.org/<br>
ActiveState - http://www.activestate.com/<br>
Nessus - http://www.nessus.org/<br>
<br>
<br><b>LICENSE</b><br>
This copyright applies to all code included in this distribution, but does not include the LibWhisker software, which is<br>
distributed under its own license.<br><br>
Copyright (C) 2001-2003 Sullo/CIRT.net<br><br>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License<br>
as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.<br><br>
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of<br>
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.<br><br><br>
You should have received a copy of the GNU General Public License along with this program; if not, write to the <br>
Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.<br>
<br>
Contact Information: See the AUTHOR section.<br><br>
<br><b>AUTHOR</b><br>
Sullo, sullo@cirt.net<br>
http://www.cirt.net/<br>
<br>
Suggestions/fixes/support from: Jericho/attrition.org, rfp/wiretrip.net, Zel/firewallmonkeys.com, Zeno/cgisecurity.com, <br>
Darby/cirt.net, Valdez/cirt.net, S Saady, P Eronen/nixu.com, M Arboi, T Seyrat, J DePriest, P Woroshow, fr0stman, E Udassin,<br>
H Heimann and more<br>
<br>
Many tests contributed/suggested by: M Richardson, Jericho/attrition.org, Prickley Paw, M Arboi, H Heimann and more<br>
<br>
And Xiola.net for succeeding where everyone else has failed.<br>
<br>
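The TEST DATABASES section above describes how '@' variables from config.txt duplicate a rule and how a conditional such as "200!home" decides success. The following is an added example, not Nikto's own code, that works through both on the page's sample rule. The function names, the field labels, the @ADMINDIRS values and the choice to match the conditional against the response body are assumptions.

```python
import csv
import io
import itertools
import re

# Constructed config.txt excerpt in the VAR=value form the page shows.
SAMPLE_CONFIG = """\
UPDATES=no
@CGIDIRS=/cgi-bin/ /cgi-sys/
@ADMINDIRS=admin/ adm/
"""

def load_at_variables(config_text):
    """Return {'@NAME': [values]} for every '@' variable (space-separated values)."""
    variables = {}
    for line in config_text.splitlines():
        name, sep, value = line.strip().partition("=")
        if sep and name.startswith("@"):
            variables[name] = value.split()
    return variables

def expand_uri(uri, variables, hostname="", ip=""):
    """Duplicate a rule URI once per combination of its '@' variable values."""
    scope = dict(variables)
    scope["@HOSTNAME"], scope["@IP"] = [hostname], [ip]
    # Longest names first, so a name that prefixes another cannot shadow it.
    names = sorted(scope, key=len, reverse=True)
    token = re.compile("|".join(re.escape(n) for n in names))
    used = list(dict.fromkeys(token.findall(uri)))  # order of first appearance
    results = []
    for combo in itertools.product(*(scope[n] for n in used)):
        mapping = dict(zip(used, combo))
        results.append(token.sub(lambda m: mapping[m.group(0)], uri))
    return results

def parse_rule(line):
    """Split a quoted rule line into (category, uri, condition, method, message)."""
    return tuple(next(csv.reader(io.StringIO(line))))

def condition_met(condition, status, body):
    """'200' needs status 200; '200!home' also needs 'home' absent from the body."""
    code, bang, forbidden = condition.partition("!")
    return str(status) == code and not (bang and forbidden in body)

if __name__ == "__main__":
    variables = load_at_variables(SAMPLE_CONFIG)
    _, uri, condition, _, _ = parse_rule('"generic","@CGIDIRStest.html","200","GET","Test"')
    print(expand_uri(uri, variables))
    print(expand_uri("@CGIDIRS@ADMINDIRStest.html", variables))
    print(condition_met("200!home", 200, "welcome home"))
```

Because every variable in a rule multiplies the number of requests it produces, the length of the list returned by expand_uri is a quick way to estimate how much traffic a custom rule in user_scan_database.db will generate.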
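The WARNINGS section notes that the -update option downloads Perl plugins that are executed on the next run without being viewed. One way to see exactly what an update touched is to compare the plugin directory against a copy taken beforehand. This is an added example, not part of Nikto. The function names are assumptions, and the suffix list is taken from the file names the page mentions (nikto_core.plugin, LW.pm, nikto.pl).

```python
import hashlib
import sys
from pathlib import Path

def snapshot(plugin_dir):
    """Map each file under plugin_dir (relative path) to its SHA-256 digest."""
    root = Path(plugin_dir)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def diff_snapshots(before, after):
    """Classify files as added, removed or changed between two snapshots."""
    common = before.keys() & after.keys()
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "changed": sorted(n for n in common if before[n] != after[n]),
    }

def needs_review(delta, code_suffixes=(".plugin", ".pm", ".pl")):
    """Added or changed files that Nikto would load and run as Perl code."""
    touched = delta["added"] + delta["changed"]
    return sorted(n for n in touched if n.endswith(code_suffixes))

if __name__ == "__main__":
    # Usage: script.py <copy of plugins dir taken before -update> <live plugins dir>
    if len(sys.argv) != 3:
        sys.exit("usage: script.py BEFORE_DIR AFTER_DIR")
    delta = diff_snapshots(snapshot(sys.argv[1]), snapshot(sys.argv[2]))
    for kind, names in delta.items():
        for name in names:
            print(f"{kind}\t{name}")
    for name in needs_review(delta):
        print(f"REVIEW BEFORE RUNNING\t{name}")
```

Database files (.db) also change on update but are rule data rather than code, so they show up in the delta without being flagged for code review.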