Nikto是一款Web安全扫描工具,可以扫描指定主机的web类型,主机名,特定目录,cookie,特定CGI,XSS漏洞,SQL注入漏洞等,非常强大滴说。。。
root@xi4ojin:~# cd /pentest/web/nikto/
root@xi4ojin:/pentest/web/nikto# ls
docs nikto.conf nikto.pl plugins templates
root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h
Option host requires an argument
-config+ Use this config file
-Cgidirs+ scan these CGI dirs: ‘none’, ‘all’, or values like “/cgi/ /cgi-a/”
-dbcheck check database and other key files for syntax errors
-Display+ Turn on/off display outputs
-evasion+ ids evasion technique
-Format+ save file (-o) format
-host+ target host
-Help Extended help information
-id+ Host authentication to use, format is id:pass or id:pass:realm
-list-plugins List all available plugins
-mutate+ Guess additional file names
-mutate-options+ Provide extra information for mutations
-output+ Write output to this file
-nocache Disables the URI cache
-nossl Disables using SSL
-no404 Disables 404 checks
-port+ Port to use (default 80)
-Plugins+ List of plugins to run (default: ALL)
-root+ Prepend root value to all requests, format is /directory
-ssl Force ssl mode on port
-Single Single request mode
-timeout+ Timeout (default 2 seconds)
-Tuning+ Scan tuning
-update Update databases and plugins from CIRT.net
-vhost+ Virtual host (for Host header)
-Version Print plugin and database versions
+ requires a value
Note: This is the short help output. Use -H for full help.
升级插件
root@xi4ojin:/pentest/web/nikto# ./nikto.pl -update
-h 指定扫描的目标 –p 端口
root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -p 80
-C 指定CGI目录 –all表示猜解CGI目录
root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -C all
-T选项包含很多小选项 –T 9表示扫描SQL注入漏洞
root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -T 9
-D指定输出显示2显示cookies
root@xi4ojin:/pentest/web/nikto# ./nikto.pl -h www.xiaojin.org -D 2
-T选项包含的小选项解释:
0 检查文件上传页面
1 检查web日志
2 检查错误配置或默认文件
3检查信息泄露问题
4 检查XSS/Script/HTML问题
5 从根目录检查是否存在可访问的文件
6 检查拒绝服务问题
7 从任意文件检索是否存在可访问文件
8 检查是否存在命令执行漏洞
9 检查SQL注入漏洞
a 检查认证绕过问题
b 识别安装的软件版本
c 检查源代码泄露问题
x 反向链接选项
本文摘自独自等待博客