Install Nikto

4/25/2019

Nikto Web Scanner is another good-to-have tool for any Linux administrator’s arsenal. It is an open source web scanner released under the GPL license that performs comprehensive tests on web servers for multiple items, including over 6500 potentially dangerous files/CGIs.


It was written by Chris Sullo and David Lodge for vulnerability assessment. It checks for outdated versions of over 1250 web servers and over 270 version-specific problems. It also scans for and reports outdated web server software and plugins.

Features of Nikto Web Scanner

  1. Supports SSL
  2. Supports full HTTP proxy
  3. Supports text, HTML, XML and CSV to save reports.
  4. Scans multiple ports
  5. Can scan multiple servers by taking input from files such as nmap output
  6. Supports LibWhisker IDS
  7. Can identify installed software via headers, files, and favicons
  8. Logs for Metasploit
  9. Reports “unusual” headers.
  10. Apache and cgiwrap user enumeration
  11. Authenticate hosts with Basic and NTLM
  12. Scans can be Auto-paused at a specified time.

Nikto Requirements

A system with a basic Perl, Perl modules, and OpenSSL installation should be able to run Nikto. It has been thoroughly tested on Windows, Mac OSX and various Unix/Linux distributions such as Red Hat, Debian, Ubuntu, BackTrack, etc.

Installation of Nikto Web Scanner on Linux

Most of today’s Linux systems come with the Perl, Perl modules, and OpenSSL packages pre-installed. If they are not included, you can install them using the default system package manager, yum or apt-get.

On Red Hat/CentOS/Fedora
On Debian/Ubuntu/Linux Mint

Next, clone the latest stable Nikto source files from its GitHub repository, move into the Nikto/programs/ directory and run it using perl:

Sample Output

The “Option host requires an argument” message tells us that we did not include the required parameters for a test. So we need to add the basic required parameter to do a test run.

Basic Testing

The basic scan requires a host that you want to target; by default it scans port 80 if nothing is specified. The host can be either a hostname or an IP address of a system. You can specify a host using the “-h” option.


For example, I want to do a scan on an IP 172.16.27.56 on TCP port 80.

Sample Output

If you want to scan a different port number, add the “-p” [-port] option. For example, I want to do a scan on IP 172.16.27.56 on TCP port 443.

Sample Output

You can also specify hosts, ports and protocols using a full URL syntax, and it will be scanned.

You can also scan any website. For example, here I did a scan on google.com.

Sample Output

The above command will perform a bunch of HTTP requests (i.e. more than 2000 tests) on the web server.

Multiple Port Testing

You can also scan multiple ports in the same session. To scan multiple ports on the same host, add the “-p” [-port] option and specify the list of ports. Ports can be defined as a range (i.e., 80-443) or as a comma-separated list (i.e., 80,443). For example, I want to scan ports 80 and 443 on the host 172.16.27.56.

Sample Output

Using a Proxy

Let’s say the system where Nikto is running only has access to the target host via an HTTP proxy. The test can still be performed in two different ways: one is to use the nikto.conf file, and the other is to set the proxy directly on the command line.

Using Nikto.conf File

Open the nikto.conf file using any command line editor.

Search for the variable “PROXY” and remove the ‘#’ from the beginning of the lines, as shown, to uncomment them. Then add the proxy host, port, proxy user and password. Save and close the file.

Now run Nikto with the “-useproxy” option. Note that all connections will be relayed via the HTTP proxy.

Sample Output

Using Command Line

To run Nikto directly from the command line, use the “-useproxy” option with the proxy set as its argument.

Sample Output

Updating Nikto

You can update Nikto to the latest plugins and databases automatically; simply run the “-update” command.

If new updates are available, you will see a list of the updates downloaded.

You can also manually download and update Nikto plugins and databases from http://cirt.net/nikto/UPDATES/.


What is the Nikto web scanner and its use?

Nikto is an open source web server scanner that can be used to scan web servers for malicious programs and files. Nikto can also be used to scan for outdated versions of programs. Nikto gives us a quick and easy scan to find dangerous files and programs on the server, and at the end of the scan it provides the result with a log file. Using Nikto we can scan http, https and httpd traffic too.

Nikto does not need resource-heavy software to run; if our server has Perl installed, that is enough to run Nikto. It is available for operating systems such as Linux and Unix-like systems including RedHat, CentOS, Debian, Ubuntu, Solaris, BackTrack and MacOSX. It supports SSL and HTTP proxies, scans multiple ports on a server, checks for outdated server components, etc. We can get the results in the following formats: TXT, CSV, HTML, XML.

Newly released version of Nikto Web scanner:

Nikto released version 2.1.5 in 2012, but it is still being updated for new vulnerabilities to date.

Vulnerabilities Database:

We can find the full vulnerabilities database at the following URL.

My Environment Setup:

  • Hostname : prodsrv.unixmen.com
  • IP address : 192.168.0.166
  • Operating system : Ubuntu 14.04 LTS

Run the following commands to check the hostname, IP address, and OS version.

Step by Step Installation

First we need to download and install the Nikto web scanner from the official website.

Let us download the package, which is available in .bz2 or .gz format, using wget on our production server.

https://cirt.net/nikto/nikto-2.1.5.tar.bz2
https://cirt.net/nikto/nikto-2.1.5.tar.gz

Step 1: Download the package


Step 2: Extract the package using below command

Step 3: Navigate to the home directory

Then move the extracted nikto package to /usr/local/bin/:


* The Nikto config file needs to be in /etc/, but it is currently under /usr/local/bin/. Looking into the conf file, we can see that Nikto will skip scanning ports 21 and 111, where it downloads its updates from, and much more.

Step 4: Creating Symlink & Permission.

Now we need to create a symlink for our conf file in /etc/, because Nikto looks for its conf file under /etc/. Then make our nikto script executable using chmod.

Step 5: Update the nikto Database.

Before performing any scan, we need to update the Nikto database packages using:


To list the available plugins for Nikto, we can use the below command.

Step 6: Scan for vulnerabilities:

To scan a website by hostname, we can use the -h option with the nikto command.


To scan a hostname on multiple ports, we can use the -p option with nikto.pl.


While scanning for vulnerabilities we can see the process; if we need to see the live progress, we use the Display option.

Where,

  • -D = Display
  • v = Verbose
  • -h = hostname

Scan using only specific checks with the Tuning option:

When the Tuning option is used, we can specify which tests need to be made. Using the x option, we can exclude the tests we don’t need.
The options below are available for specific scans.

0 – File Upload

1 – Interesting File // we will get in logs

2 – Misconfiguration / Default File

3 – Information Disclosure

4 – Injection (XSS/Script/HTML)

5 – Remote File Retrieval – Inside Web Root

6 – Denial of Service // Scan for DDOS

7 – Remote File Retrieval – Server Wide

8 – Command Execution // Remote Shell

9 – SQL Injection // Scan for mysql vulnerabilities

a – Authentication Bypass

b – Software Identification

c – Remote Source Inclusion

x – Reverse Tuning Options

Now let me scan a website for SQL vulnerabilities. A single test finishes in a short time; if we do not specify a single test, Nikto runs the full scan, which takes hours to complete.
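
An added example, not part of the original article: a POSIX shell wrapper that checks the host against a scope list and validates the -p port list and the Tuning codes listed above before printing the Nikto command line. AUTHORIZED_HOSTS, valid_ports, valid_tuning and build_nikto_cmd are hypothetical names; -Tuning is the long form of the tuning option.

```shell
#!/bin/sh
# Added example: validate scope, port list and Tuning codes before building
# a Nikto command line. Function and variable names are hypothetical.

# Lab hosts used on this page; anything else is refused.
AUTHORIZED_HOSTS="172.16.27.56 192.168.0.166"

# Accept "80", "80,443" or "80-443"; every number must be 1-65535.
valid_ports() {
    case $1 in
        ''|*[!0-9,-]*) return 1 ;;            # empty or stray characters
        [,-]*|*[,-]|*[,-][,-]*) return 1 ;;   # leading/trailing/doubled separator
    esac
    for _p in $(printf '%s' "$1" | tr -c '0-9' ' '); do
        [ "${#_p}" -le 5 ] && [ "$_p" -ge 1 ] && [ "$_p" -le 65535 ] || return 1
    done
    return 0
}

# Accept only the Tuning codes listed above: 0-9, a-c and x (reverse).
valid_tuning() {
    case $1 in
        ''|*[!0-9abcx]*) return 1 ;;
    esac
    return 0
}

# Print the command for an in-scope host, or fail with a distinct status.
build_nikto_cmd() {
    _host=$1 _ports=$2 _tuning=$3
    case $_host in
        ''|*[!A-Za-z0-9.-]*) echo "bad host: $_host" >&2; return 2 ;;
    esac
    case " $AUTHORIZED_HOSTS " in
        *" $_host "*) ;;
        *) echo "host not in scope: $_host" >&2; return 2 ;;
    esac
    valid_ports "$_ports"   || { echo "bad port list: $_ports" >&2; return 3; }
    valid_tuning "$_tuning" || { echo "bad Tuning codes: $_tuning" >&2; return 4; }
    printf 'perl nikto.pl -h %s -p %s -Tuning %s\n' "$_host" "$_ports" "$_tuning"
}

# Ports 80 and 443 with only the SQL injection checks (code 9).
build_nikto_cmd 172.16.27.56 80,443 9
```

Restricting a run to a few Tuning codes and an explicit port list keeps the request volume, and the scan time, well below that of a full scan.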


Scan for multiple tests using:

Scan and save the result to a file using the below command to find the vulnerabilities.


After the scan completes, we will get the result in HTML format in the current directory, as shown below.


We will get decently formatted output in HTML, as shown below, to find the vulnerabilities.


That’s it. Here we have seen how to protect our website from several vulnerabilities. To detect up-to-date vulnerabilities, we need to keep the Nikto package updated before scanning.

Resources:

  • Home page : https://cirt.net/Nikto2
  • Documentation : https://cirt.net/nikto2-docs/
  • Development : https://github.com/sullo/nikto

Conclusion:

For those searching for a web scanner, Nikto is a powerful tool that can end your search. I hope this gives you a good idea of how to scan your site for vulnerabilities, even if your site is well hardened in several settings.