{"id":3754,"date":"2020-08-19T00:35:48","date_gmt":"2020-08-18T15:35:48","guid":{"rendered":"https:\/\/tech.akat.info\/?p=3754"},"modified":"2020-08-19T00:35:48","modified_gmt":"2020-08-18T15:35:48","slug":"kali-linux-%e3%81%ab-nikto-%e3%82%92%e3%82%a4%e3%83%b3%e3%82%b9%e3%83%88%e3%83%bc%e3%83%ab%e3%81%97%e3%81%a6%e3%81%bf%e3%81%9f","status":"publish","type":"post","link":"https:\/\/tech.akat.info\/?p=3754","title":{"rendered":"I tried installing nikto on Kali Linux"},"content":{"rendered":"<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n# wget -d https:\/\/github.com\/sullo\/nikto\/archive\/master.zip\r\n\r\n# unzip master.zip\r\n\r\n# cd nikto-master\/program\r\n\r\n# perl nikto.pl -h http:\/\/granny.htb\/\r\n- ***** SSL support not available (see docs for SSL install) *****\r\n- Nikto v2.1.6\r\n---------------------------------------------------------------------------\r\n+ Target IP:          10.10.10.15\r\n+ Target Hostname:    granny.htb\r\n+ Target Port:        80\r\n+ Start Time:         2020-08-18 15:01:46 (GMT0)\r\n---------------------------------------------------------------------------\r\n+ Server: Microsoft-IIS\/6.0\r\n+ Retrieved microsoftofficewebserver header: 5.0_Pub\r\n+ Retrieved x-powered-by header: ASP.NET\r\n+ The anti-clickjacking X-Frame-Options header is not present.\r\n+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS\r\n+ Uncommon header 'microsoftofficewebserver' found, with contents: 5.0_Pub\r\n+ The X-Content-Type-Options header is not set. 
This could allow the user agent to render the content of the site in a different fashion to the MIME type.\r\n+ No CGI Directories found (use '-C all' to force check all possible dirs)\r\n+ Retrieved dasl header: &lt;DAV:sql&gt;\r\n+ Retrieved dav header: 1, 2\r\n+ Retrieved ms-author-via header: MS-FP\/4.0,DAV\r\n+ Uncommon header 'ms-author-via' found, with contents: MS-FP\/4.0,DAV\r\n+ Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, COPY, MOVE, PROPFIND, PROPPATCH, SEARCH, MKCOL, LOCK, UNLOCK\r\n+ OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.\r\n+ OSVDB-5647: HTTP method ('Allow' Header): 'MOVE' may allow clients to change file locations on the web server.\r\n+ Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH\r\n+ OSVDB-5646: HTTP method ('Public' Header): 'DELETE' may allow clients to remove files on the web server.\r\n+ OSVDB-397: HTTP method ('Public' Header): 'PUT' method could allow clients to save files on the web server.\r\n+ OSVDB-5647: HTTP method ('Public' Header): 'MOVE' may allow clients to change file locations on the web server.\r\n+ WebDAV enabled (MKCOL COPY SEARCH PROPFIND LOCK PROPPATCH UNLOCK listed as allowed)\r\n+ OSVDB-13431: PROPFIND HTTP verb may show the server's internal IP address: http:\/\/granny\/_vti_bin\/_vti_aut\/author.dll\r\n+ OSVDB-396: \/_vti_bin\/shtml.exe: Attackers may be able to crash FrontPage by requesting a DOS device, like shtml.exe\/aux.htm -- a DoS was not attempted.\r\n+ OSVDB-3233: \/_vti_bin\/: FrontPage directory found.\r\n+ OSVDB-3300: \/_vti_bin\/: shtml.exe\/shtml.dll is available remotely. Some versions of the Front Page ISAPI filter are vulnerable to a DOS (not attempted).\r\n+ OSVDB-3500: \/_vti_bin\/fpcount.exe: Frontpage counter CGI has been found. 
FP Server version 97 allows remote users to execute arbitrary system commands, though a vulnerability in this version could not be confirmed. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-1999-1376. http:\/\/www.securityfocus.com\/bid\/2252.\r\n+ OSVDB-67: \/_vti_bin\/shtml.dll\/_vti_rpc: The anonymous FrontPage user is revealed through a crafted POST.\r\n...\r\n\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p># wget -d https:\/\/github.com\/sullo\/nikto\/archive\/master.zip # unzip master.zip # cd nikto-master\/program # per [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[98],"tags":[],"_links":{"self":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts\/3754"}],"collection":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3754"}],"version-history":[{"count":1,"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts\/3754\/revisions"}],"predecessor-version":[{"id":3755,"href":"https:\/\/tech.akat.info\/index.php?rest_route=\/wp\/v2\/posts\/3754\/revisions\/3755"}],"wp:attachment":[{"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3754"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tech.akat.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3754"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tech.akat.i
nfo\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3754"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}