Nikto是一款Web安全扫描工具,可以扫描指定主机的web类型,主机名,特定目录,cookie,特定CGI漏洞,XSS漏洞,SQL注入漏洞等,非常强大滴说。。。

root@xi4ojin:~# cd /pentest/web/nikto/

root@xi4ojin:/pentest/web/nikto# ls

docs nikto.conf nikto.pl plugins templates

root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h

Option host requires an argument

-config+ Use this config file

-Cgidirs+ scan these CGI dirs: ‘none’, ‘all’, or values like “/cgi/ /cgi-a/”

-dbcheck check database and other key files for syntax errors

-Display+ Turn on/off display outputs

-evasion+ ids evasion technique

-Format+ save file (-o) format

-host+ target host

-Help Extended help information

-id+ Host authentication to use, format is id:pass or id:pass:realm

-list-plugins List all available plugins

-mutate+ Guess additional file names

-mutate-options+ Provide extra information for mutations

-output+ Write output to this file

-nocache Disables the URI cache

-nossl Disables using SSL

-no404 Disables 404 checks

-port+ Port to use (default 80)

-Plugins+ List of plugins to run (default: ALL)

-root+ Prepend root value to all requests, format is /directory

-ssl Force ssl mode on port

-Single Single request mode

-timeout+ Timeout (default 2 seconds)

-Tuning+ Scan tuning

-update Update databases and plugins from CIRT.net

-vhost+ Virtual host (for Host header)

-Version Print plugin and database versions

+ requires a value

Note: This is the short help output. Use -H for full help.

升级插件

root@xi4ojin:/pentest/web/nikto# ./nikto.pl -update

-h 指定扫描的目标 –p 端口

root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -p 80

-C 指定CGI目录 –all表示猜解CGI目录

root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -C all

-T选项包含很多小选项 –T 9表示扫描SQL注入漏洞

root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -T 9

-D指定输出显示2显示cookies

root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -D 2

-T选项包含的小选项解释:

0 检查文件上传页面

1 检查web日志

2 检查错误配置或默认文件

3检查信息泄露问题

4 检查XSS/Script/HTML问题

5 从根目录检查是否存在可访问的文件

6 检查拒绝服务问题

7 从任意文件检索是否存在可访问文件

8 检查是否存在系统命令执行漏洞

9 检查SQL注入漏洞

a 检查认证绕过问题

b 识别安装的软件版本

c 检查源代码泄露问题

x 反向链接选项

本文摘自独自等待博客

04-15 05:16