Nikto - A Web Application Vulnerability and CGI Scanner for Web Servers


Nikto Web Scanner is another good tool to have in any Linux administrator's arsenal. It is an open source web scanner released under the GPL license, used to perform comprehensive tests on web servers for multiple items, including over 6500 potentially dangerous files/CGIs.

It was written by Chris Solo and David Lodge for vulnerability assessment. It checks for outdated versions of over 1250 web servers and for over 270 version-specific problems. It also scans and reports on web server software and plugins.

Features of Nikto Web Scanner

  1. Supports SSL
  2. Supports full HTTP proxy
  3. Supports text, HTML, XML and CSV formats for saving reports.
  4. Scans multiple ports
  5. Can scan multiple servers by taking input from files such as nmap output
  6. Supports LibWhisker IDS
  7. Capable of identifying installed software via headers, files, and favicons
  8. Logs for Metasploit
  9. Reports "unusual" headers.
  10. Apache and cgiwrap user enumeration
  11. Authenticates to hosts with Basic and NTLM
  12. Scans can be auto-paused at a specified time.

Nikto Requirements

A system with basic Perl, Perl modules and an OpenSSL installation should be able to run Nikto. It has been thoroughly tested on Windows, Mac OSX and various Unix/Linux distributions such as Red Hat, Debian, Ubuntu, BackTrack, etc.

Installing Nikto Web Scanner on Linux

Most of today's Linux systems come with Perl, Perl modules and the packages already installed. If they are not included, you can install them using the default system package manager, yum or apt-get.

 yum install perl perl-Net-SSLeay openssl
 apt-get install perl openssl libnet-ssleay-perl

Next, clone the latest stable Nikto source files from its Github repository, change into the nikto/programs/ directory and run it using perl:

$ git clone https://github.com/sullo/nikto.git
$ cd nikto/programs
$ perl nikto.pl -h 
Option host requires an argument

       -config+            Use this config file
       -Display+           Turn on/off display outputs
       -dbcheck            check database and other key files for syntax errors
       -Format+            save file (-o) format
       -Help               Extended help information
       -host+              target host
       -id+                Host authentication to use, format is id:pass or id:pass:realm
       -list-plugins       List all available plugins
       -output+            Write output to this file
       -nossl              Disables using SSL
       -no404              Disables 404 checks
       -Plugins+           List of plugins to run (default: ALL)
       -port+              Port to use (default 80)
       -root+              Prepend root value to all requests, format is /directory
       -ssl                Force ssl mode on port
       -Tuning+            Scan tuning
       -timeout+           Timeout for requests (default 10 seconds)
       -update             Update databases and plugins from CIRT.net
       -Version            Print plugin and database versions
       -vhost+             Virtual host (for Host header)
   		+ requires a value

	Note: This is the short help output. Use -H for full help text.

The message "Option host requires an argument" clearly states that we did not include the required parameters while running the test. So we need to add the basic parameter that is required to run a test.

A basic scan requires the host you want to target; by default it scans port 80 if nothing else is specified. The host can be either a hostname or an IP address of a system. You can specify the host using the "-h" option.

For example, I want to scan the IP 172.16.27.56 on TCP port 80.

 perl nikto.pl -h 172.16.27.56
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        80
+ Start Time:         2014-01-10 00:48:12 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.
+ Server leaks inodes via ETags, header found with file /robots.txt, inode: 5956160, size: 24, mtime: 0x4d4865a054e32
+ File/dir '/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ "robots.txt" contains 1 entry which should be manually viewed.
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
+ Multiple index files found: index.php, index.htm, index.html
+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-3233: /phpinfo.php: Contains PHP configuration information
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-3092: /test.html: This might be interesting...
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /connect.php?path=http://cirt.net/rfiinc.txt?: Potential PHP MySQL database connection string found.
+ OSVDB-3092: /test.php: This might be interesting...
+ 6544 items checked: 0 error(s) and 16 item(s) reported on remote host
+ End Time:           2014-01-10 00:48:23 (GMT5.5) (11 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

If you want to scan a different port number, add the "-p" [-port] option. For example, I want to scan the IP 172.16.27.56 on TCP port 443.

 perl nikto.pl -h 172.16.27.56 -p 443
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject: /O=*.mid-day.com/OU=Domain Control Validated/CN=*.mid-day.com
                   Ciphers: DHE-RSA-AES256-GCM-SHA384
                   Issuer:  /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certificates.starfieldtech.com/repository/CN=Starfield Secure Certification Authority/serialNumber=10688435
+ Start Time:         2014-01-10 01:08:26 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Server leaks inodes via ETags, header found with file /, inode: 2817021, size: 5, mtime: 0x4d5123482b2e9
+ The anti-clickjacking X-Frame-Options header is not present.
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
+ Server is using a wildcard certificate: '*.mid-day.com'
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ 6544 items checked: 0 error(s) and 8 item(s) reported on remote host
+ End Time:           2014-01-10 01:11:20 (GMT5.5) (174 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

You can also specify hosts, ports and protocols using full URL syntax, and the target will be scanned.

 perl nikto.pl -h http://172.16.27.56:80

You can also scan any website. For example, here I ran a scan on google.com.

 perl nikto.pl -h http://www.google.com
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          173.194.38.177
+ Target Hostname:    www.google.com
+ Target Port:        80
+ Start Time:         2014-01-10 01:13:36 (GMT5.5)
---------------------------------------------------------------------------
+ Server: gws
+ Cookie PREF created without the httponly flag
+ Cookie NID created without the httponly flag
+ Uncommon header 'x-frame-options' found, with contents: SAMEORIGIN
+ Uncommon header 'x-xss-protection' found, with contents: 1; mode=block
+ Uncommon header 'alternate-protocol' found, with contents: 80:quic
+ Root page / redirects to: http://www.google.co.in/?gws_rd=cr&ei=xIrOUomsCoXBrAee34DwCQ
+ Server banner has changed from 'gws' to 'sffe' which may suggest a WAF, load balancer or proxy is in place
+ Uncommon header 'x-content-type-options' found, with contents: nosniff
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ File/dir '/groups/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
….

The above command will perform a bunch of HTTP requests (i.e. more than 2000 tests) on the web server.
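Seen from the server side, a scan of this size stands out in the access log. The following added example (not part of the original article) flags likely scanner clients in an Apache combined-format log; the log lines are constructed, and matching on the string Nikto assumes the scanner's default User-Agent, so a count of 404 responses is used as a second signal.

```shell
# Constructed sample log (documentation IP ranges, paths taken from the scans above).
sample_access_log() {
cat <<'EOF'
198.51.100.7 - - [10/Jan/2014:00:48:12 +0530] "GET /phpinfo.php HTTP/1.1" 200 512 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000001)"
198.51.100.7 - - [10/Jan/2014:00:48:12 +0530] "GET /cgi-bin/test.cgi HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000002)"
198.51.100.7 - - [10/Jan/2014:00:48:13 +0530] "GET /admin.bak HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000003)"
203.0.113.20 - - [10/Jan/2014:00:49:01 +0530] "GET /index.php HTTP/1.1" 200 4312 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.20 - - [10/Jan/2014:00:49:02 +0530] "GET /icons/README HTTP/1.1" 200 5108 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.20 - - [10/Jan/2014:00:49:05 +0530] "GET /favicon.ico HTTP/1.1" 404 210 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.9 - - [10/Jan/2014:00:50:10 +0530] "GET /test.php HTTP/1.1" 200 90 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jan/2014:00:50:10 +0530] "GET /backup.tar HTTP/1.1" 404 210 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jan/2014:00:50:10 +0530] "GET /old/ HTTP/1.1" 404 210 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jan/2014:00:50:11 +0530] "GET /cgi-bin/x.pl HTTP/1.1" 404 210 "-" "Mozilla/5.0"
EOF
}

# scan_suspects [MIN404]: read a combined-format log on stdin and print
# "ip<TAB>reason" for clients that look like a scanner.
#   nikto-user-agent : the User-Agent field contains "Nikto"
#   404-burst        : at least MIN404 (default 3) 404s, and 404s are the majority
scan_suspects() {
  awk -F '"' -v min404="${1:-3}" '
    {
      split($1, h, " "); ip = h[1]      # client address is the first word
      split($3, s, " ")                 # s[1] is the status code
      total[ip]++
      if (s[1] == 404) nf[ip]++
      if ($6 ~ /Nikto/) ua[ip] = 1      # $6 is the quoted User-Agent
    }
    END {
      for (ip in total) {
        if (ua[ip]) print ip "\tnikto-user-agent"
        else if (nf[ip] >= min404 && nf[ip] * 2 > total[ip]) print ip "\t404-burst"
      }
    }' | sort
}

sample_access_log | scan_suspects
```

On a real server, point it at the log file instead, for example `scan_suspects 50 < access_log`, and tune the threshold to the site's normal rate of 404 responses.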

You can also scan multiple ports in the same session. To scan multiple ports on the same host, add the "-p" [-port] option and specify the list of ports. Ports can be specified as a range (i.e., 80-443), or as a comma-separated list (i.e., 80,443). For example, I want to scan ports 80 and 443 on the host 172.16.27.56.

 perl nikto.pl -h 172.16.27.56 -p 80,443
- Nikto v2.1.5
---------------------------------------------------------------------------
+ No web server found on cmsstage.mid-day.com:88
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        80
+ Start Time:         2014-01-10 20:38:26 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.

---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject: /O=*.mid-day.com/OU=Domain Control Validated/CN=*.mid-day.com
                   Ciphers: DHE-RSA-AES256-GCM-SHA384
                   Issuer:  /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certificates.starfieldtech.com/repository/CN=Starfield Secure Certification Authority/serialNumber=10688435
+ Start Time:         2014-01-10 20:38:36 (GMT5.5)
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ All CGI directories 'found', use '-C none' to test none
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22). Apache 1.3.42 (final release) and 2.0.64 are also current.
.....
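A multi-port report like the one above is easier to triage once each finding is tied to the port it was reported on. The following is an added example, not part of the original article: it parses Nikto's plain-text output into tab-separated rows, using a constructed sample abridged from the output above (the function names are illustrative).

```shell
# Constructed sample: abridged lines from the 80,443 scan output shown above.
sample_report() {
cat <<'EOF'
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        80
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Retrieved x-powered-by header: PHP/5.3.3
+ The anti-clickjacking X-Frame-Options header is not present.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
---------------------------------------------------------------------------
+ Target IP:          172.16.27.56
+ Target Hostname:    example.com
+ Target Port:        443
---------------------------------------------------------------------------
+ Server: Apache/2.2.15 (CentOS)
+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.22).
+ OSVDB-3268: /icons/: Directory indexing found.
EOF
}

# nikto_findings: report on stdin, one "port<TAB>id<TAB>finding" row per finding.
# Banner lines are skipped; "Server: " is matched with its colon so that a
# finding such as "+ Server leaks inodes via ETags" is still reported.
nikto_findings() {
  awk '
    /^\+ Target Port:/ { port = $NF; next }
    /^\+ (Target |Start Time|End Time|SSL Info|Server: )/ { next }
    /^\+ [0-9]+ (items checked|host\(s\) tested)/ { next }
    /^\+ / {
      msg = substr($0, 3); id = "-"
      if (match(msg, /^OSVDB-[0-9]+: /)) {      # split off the OSVDB reference
        id = substr(msg, 1, RLENGTH - 2)
        msg = substr(msg, RLENGTH + 1)
      }
      printf "%s\t%s\t%s\n", port, id, msg
    }'
}

# count_findings PORT: number of findings reported for one port.
count_findings() {
  nikto_findings | awk -F '\t' -v p="$1" '$1 == p { n++ } END { print n + 0 }'
}

sample_report | nikto_findings
```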

Suppose the system where Nikto is running only has access to the target host through an HTTP proxy. The test can still be performed, in two different ways: one uses the nikto.conf file, and the other is to run it directly from the command line.

Open the nikto.conf file using any command-line editor.

 vi nikto.conf

Search for the variable "PROXY" and remove the '#' from the beginning of the lines as shown. Then add the proxy host, port, proxy user and password. Save and close the file.

# Proxy settings -- still must be enabled by -useproxy
PROXYHOST=172.16.16.37
PROXYPORT=8080
PROXYUSER=pg
PROXYPASS=pg

Now, run Nikto using the "-useproxy" option. Please note that all connections will be relayed through the HTTP proxy.

 perl nikto.pl -h localhost -p 80 -useproxy
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          127.0.0.1
+ Target Hostname:    localhost
+ Target Port:        80
+ Start Time:         2014-01-10 21:28:29 (GMT5.5)
---------------------------------------------------------------------------
+ Server: squid/2.6.STABLE6
+ Retrieved via header: 1.0 netserv:8080 (squid/2.6.STABLE6)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Uncommon header 'x-squid-error' found, with contents: ERR_CACHE_ACCESS_DENIED 0
+ Uncommon header 'x-cache-lookup' found, with contents: NONE from netserv:8080

To run Nikto directly from the command line, use the "-useproxy" option and pass the proxy as its argument.

 perl nikto.pl -h localhost -useproxy http://172.16.16.37:8080/
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          127.0.0.1
+ Target Hostname:    localhost
+ Target Port:        80
+ Start Time:         2014-01-10 21:34:51 (GMT5.5)
---------------------------------------------------------------------------
+ Server: squid/2.6.STABLE6
+ Retrieved via header: 1.0 netserv:8080 (squid/2.6.STABLE6)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Uncommon header 'x-squid-error' found, with contents: ERR_CACHE_ACCESS_DENIED 0
+ Uncommon header 'x-cache-lookup' found, with contents: NONE from netserv:8080

You can update Nikto to the latest plugins and databases automatically by running it with the "-update" option.

 perl nikto.pl -update

If new updates are available, you will see a list of the newly downloaded updates.

+ Retrieving 'nikto_report_csv.plugin'
+ Retrieving 'nikto_headers.plugin'
+ Retrieving 'nikto_cookies.plugin'
+ Retrieving 'db_tests'
+ Retrieving 'db_parked_strings'
+ Retrieving 'CHANGES.txt'
+ CIRT.net message: Please submit Nikto bugs to http://trac2.assembla.com/Nikto_2/report/2

You can also manually download and update the Nikto plugins and databases from http://cirt.net/nikto/UPDATES/.
