Install Nikto On Windows 7

On

What is Nikto web scanner and it’s use ?

  1. Install Nikto On Windows 7 Pc

Nikto Web-scanner is a open source web-server scanner which can be used to scan the web-servers for malicious programs and files. Nikto can be used to scan the outdated versions of programs too. Nikto will provide us a quick and easy scan to find out the dangerous files and programs in server, At the end of scan result with a log file. Using nikto we can scan http, https, httpd traffics too.

What is Nikto Nikto is web-server scanner which is open source which can be use to scan the server for malicious file and programs. Using NIKTO we can scan. 7 – Remote File Retrieval – Server Wide. How to search your hacking tracks on your computer (Windows and Linux)July 3, 2017In 'Tutorials'.

To run the Nikto we don’t need any hard resource using software’s, If our server installed with Perl it’s fine to run the nikto. It’s available for every Operating systems such as Linux, Unix like RedHat, Centos, Debian, Ubuntu, Solaris, BackTrack, MacOSX. Supports SSL, http proxy, Scan multiple ports on a server, Check for outdated server components etc.. We can get the output of result in following formats TXT, CSV, HTML, XML.

Install Nikto On Windows 7 Pc

Newly released version of Nikto Web scanner:

Nikto released it’s version 2.1.5 in 2012 but it’s under updates for each and every new vulnerabilities till date.

vulnerabilities Database:

We can find each and every vulnerabilities database in following URL.

My Environment Setup:

  • Hostname : prodsrv.unixmen.com
  • IP address : 192.168.0.166
  • Operating system : Ubuntu 14.04 LTS
Windows

Run the following commands to check the hostname, IP address, and OS version.

Step by Step Installation

First we need to download and install nikto web scanner from Official website.

Let we download the package which in .bz2 or gz format using wget in our production server.

https://cirt.net/nikto/nikto-2.1.5.tar.bz2
https://cirt.net/nikto/nikto-2.1.5.tar.gz

Step 1: Download the package


Step 2: Extract the package using below command

Step 3: Navigate to the home directory

Then move the extracted nikto package to /usr/local/bin/:


* Nikto config file need to be in /etc/, But now it’s currently under /usr/local/bin/ While having a look into conf we can find that nikto will skip the scan for ports 21 & 111, And from were it want to download it’s update and much more.

Step 4: Creating Symlink & Permission.

Now we need to create a symlink for our conf file to /etc/ because nikto look for conf file under /etc/. Then make our nikto script as executable using chmod.

Step 5: Update the nikto Database.

Before performing any scan we need to update the nikto database packages using.


To list the available Plugins for nikto we can use the below command.

Step 6: Scan for vulnerabilities:

To Scan for a website using hostname we can use the option -h followed by niktop command.


Scan for a hostname using multiple ports we can use -p option followed by nikto.pl


While scanning for vulnerabilities we can see the process, If we need to see the live process we need to use option Display.

Where,

  • -D = Display
  • v = Verbose
  • -h = hostname
Scan Only using specific check using tuning option:

While Tuning options used we can specify which test need to made, Using x option we can exclude the tests which we don’t need.
Below Options are available for specific scan’s.

0 – File Upload

1 – Interesting File // we will get in logs

2 – Misconfiguration / Default File

3 – Information Disclosure

4 – Injection (XSS/Script/HTML)

5 – Remote File Retrieval – Inside Web Root

6 – Denial of Service // Scan for DDOS

7 – Remote File Retrieval – Server Wide

8 – Command Execution // Remote Shell

9 – SQL Injection // Scan for mysql vulnerabilities

a – Authentication Bypass

b – Software Identification

c – Remote Source Inclusion

x – Reverse Tuning Options
Now here let me scan for SQL vulnerabilities for a website. A single test will finish in short time if we not specified for a single scan it will take the full scan and take hours to complete.


Scan for multiple test using:

Scan and save the result to a file using below command to find the vulnerabilities.


After scan completes we will get the result in html format in current directory as show below.


We will get a decent format of output as show below in html format to find the vulnerabilities.


That’s it, Here we have seen how to protect our website from several vulnerabilities. To know the up to date vulnerabilities we need to keep the nikto package update before scanning.

Resources:

  • Home page : https://cirt.net/Nikto2
  • Documentation : https://cirt.net/nikto2-docs/
  • Development : https://github.com/sullo/nikto

Conclusion:

To those who searching for web scanner nikto will be one of powerful tool to end your web scanner search. Hope this will will bring you a good idea to scan vulnerbalites for you site even your site are well harden in several settings.

Hi guys, how do i use the vulnerabilities of this site? Can one of these vulnerabilities be used to hack the site? (I have permission for testing the site)

Here is the output:
---------------------------------------------------------------------------

  • Target IP: 46.32.253.67
  • Target Hostname: www.majorana.org
  • Target Port: 80

---------------------------------------------------------------------------

  • Server: Apache/2.2.31 (Unix) modssl/2.2.31 OpenSSL/1.0.1e-fips modbwlimited/1.4
  • Retrieved x-powered-by header: PHP/5.4.45
  • The anti-clickjacking X-Frame-Options header is not present.
  • The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  • The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
  • All CGI directories 'found', use '-C none' to test none
  • Server leaks inodes via ETags, header found with file /robots.txt, inode: 452063, size: 1777, mtime: Sun Jun 12 11:14:32 2016
  • Entry '/INSTALL.mysql.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  • Entry '/INSTALL.pgsql.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  • Entry '/install.php' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  • Entry '/LICENSE.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  • Entry '/MAINTAINERS.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  • Entry '/update.php' in robots.txt returned a non-forbidden or redirect HTTP code (302)
  • Entry '/UPGRADE.txt' in robots.txt returned a non-forbidden or redirect HTTP code (200)
  • 'robots.txt' contains 41 entries which should be manually viewed.
  • Apache/2.2.31 appears to be outdated (current is at least Apache/2.4.12). Apache 2.0.65 (final release) and 2.2.29 are also current.
  • OpenSSL/1.0.1e-fips appears to be outdated (current is at least 1.0.1j). OpenSSL 1.0.0o and 0.9.8zc are also current.
  • mod_ssl/2.2.31 appears to be outdated (current is at least 2.8.31) (may depend on server version)
  • Multiple index files found: /index.htm, /default.htm
  • OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
  • modssl/2.2.31 OpenSSL/1.0.1e-fips modbwlimited/1.4 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0082, OSVDB-756.
  • /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
  • /global.asa: The global.asa file was retrieved, which may contain sensitive information. Map the .asa extension to the proper dll.
  • /webmail/blank.html: IlohaMail 0.8.10 contains an XSS vulnerability. Previous versions contain other non-descript vulnerabilities.
  • /securecontrolpanel/: Web Server Control Panel
  • /webmail/: Web based mail package installed.
  • /phpinfo.php?VARIABLE=<script>alert('Vulnerable')</script>: Output from the phpinfo() function was found.
  • /cgi-sys/Count.cgi: This may allow attackers to execute arbitrary commands on the server
  • /php.ini: This file should not be available through the web interface.
  • OSVDB-3233: /mailman/listinfo: Mailman was found on the server.
  • OSVDB-3233: /postinfo.html: Microsoft FrontPage default file found.
  • OSVDB-12184: /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  • OSVDB-12184: /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  • OSVDB-12184: /?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  • OSVDB-12184: /?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
  • OSVDB-2117: /cpanel/: Web-based control panel
  • OSVDB-3092: /img-sys/: Default image directory should not allow directory listing.
  • OSVDB-3092: /java-sys/: Default Java directory should not allow directory listing.
  • OSVDB-3093: /webmail/lib/emailreaderexecuteoneachpage.inc.php: This might be interesting... has been seen in web logs from an unknown scanner.
  • OSVDB-3233: /vtiinf.html: FrontPage/SharePoint is installed and reveals its version number (check HTML source for more information).
  • /phpinfo.php: Output from the phpinfo() function was found.
  • OSVDB-3233: /phpinfo.php: PHP is installed, and a test script which runs phpinfo() was found. This gives a lot of system information.
  • /phpinfo.php?GLOBALStest=<script>alert(document.cookie);</script>: Output from the phpinfo() function was found.
  • /phpinfo.php?cx=PYOcxyXn7korUexBTvH0XFlM47Xp8hzl8j9Gj6a7tUa5NRJwtMm5VjtMrw40ESuCvuglGvQYug25rUmHujA4AGn0zM3Zmmq0SpT5JgDxb4GmfOB5NyAWSJGTGQroFzFkfZM8eAzp3UQDZvHsWNnviHOuYuw3FDplcxHiLKEOMjTkL4w48CT7JtgSE9tkolio3yqnUKfUggX3h5Fu48G9tOSHwpirXDJlXlxDI92LkVy1d9xI4ffsPQWprRt3MdpmGh9w9mOXFRJUcW5z4OUp0dmEiQsAKbKLpOoaSQDQnexLBptyVRraqBymWqELx4CZc3VqTY8wRLdk6LrDxv5roYvPucvVNDLztf1yIMXpkwJl1lxJl7vihVxLGtXrt7D03FWlkhmxzyQmoi85EaXMS5c8HaTU1r2UnuJ9wGapjixrTheidaskssPZP5cGRzUYc5d7ciyGZMhrkT1hMuf7SJleJ3FWy0b8qjBp3gng1KgchapTO8carLJavhs3hwBBx5eH6RrnqtGc2E8pbsnkNMz9pyxK7JG949RvGS2X3tZbJLNH8SMexYoVjPDnxcIaG06UdkD2726nTBHn3k9NVC65Oz6ZIfI3j2w6zmIskuDs4ZsvC0QYkHag8mmA0kChTSKk7vSylm8d09ngLEVXF5VpEri4q5gUbPhyi42gQoe2GuMfY9iwD8xMcw6y3UILcHpD1UK4QbSU6XQIoKX30Sd3YlbcznnVDAGdxhUoGVttTBAvjskyzx37lEuqM0m0X3w27coWiE5oyMoNrgTgfU124VUK5XJKyku5bJ2p9ByOFnuyzmAvQLGCzs0V531jtTB3iUH4kaCjFN5YX9IVWe5fBgXM6Iv1bYkFzuARoN9FyYwq9yC0phihRbMcQfQG0CCpXnCiuA7lf6XtEIJ6808C50DXT2rkAvB0ZYbQ1SPFPm5nMiAyhewYaKHGsadLVprmg0NeHrTIrruJw2ZrNKaixNPzTJ4eyrEbwpbZ8Jt213XuDThozTHOLoRkxOK4bNG9rGmdNE9VMaodzAM6BSbjnUVQb1pzCv5M0h4rxtczujMDNteKXidVLs54YGxu1tFIyv6CqhoNtxDtQ8vbOu7kAeaA0OH8rDuQoicmeriGruDBO0gb872kVmQu9jvWSnIKgJJg9I5IZ9FoDRObyqVMbm1VJltvm5iYalPtbpFS2FXuEt7jMRu7FZlRqP7nGYDO61wgM1CbQMTI4MQPhq35Q10wVXT4bYWEeWfYc5fkVuCoKvuKwdiYn9SdTZoZaVAWRTdWZstzFfvROiQ7qN3hOODJI5ltjSfRTLmFhNSPOjmjw5beoLRM0ntXoj0JILZk9p18brA6yLrV7b1Ct6zQ81GkqFc62T5Y5whj1vjTwymgTwz1jONyK0NpJuNXb6Rip70IBw9axmCY5CC14coH0OFevCU27HeQ1Xrgn2B94kbLeJkH3zIIcs7Sd7rscTiz0nHeFTpNtGwB9FfWywZzsJwGxHl4D8zaQiHmExx08hRouOnUdAksBJRPlCkCxYiHEEX4ARWt6WQFSQqWEB3ykeKuHth61Mr4JMT1GcxuNLjNzF5IDkzsog3jSlUYTWIS3o1zeK07hbBlV0uRsPuRkGrCmLlFq0i29uxEnfFto7UM1aKRW8lMXUlH09XPKdBSQRUzd0hnBLhpnxClCxyZzwZ3X4YRg5EWpsMeqbV0JprINhhArl78MfYDUVoiEkEhEqXchxJ5e6rNbGcDPbhYaDEU5sLn2I7rn0DfffNWyb9gyFaq9I6hCadbuDavCu3YD0JOSlR7TGpk09nDwX4Wc4CDVx5UsCUCzhuMh88TaEccWoGt91qF6z1pkrt4QtrVZJ6i1j2kehkL87VeStHWPTgJNTNDHzpLqbKSrZ3iq1fBeVmLg1NtywNWY8aMECb40ZywrpjSmrm8QeiKZUr0KpBu7tqc2B6zNoUbPDqTU8migtGUKz9FYpA0tSuBHdVF3AR8TVaIDhecO4ZSm8suSy18rzqIDmLqKGJPI1egim7qyp18v1LBnBoC01YTqYmG8dRyJ9QkNqXgXJ4CBntAcxj5SJJ9DSK6BAFzQZxQaEZuG2TkmQzxkcQ20pHRMZcBs9CaTeIObhTerM6CqUHb2PSAI9CTuwHwaaG6NfrXOXZlWGowGCCJJ0ZriKDj6FxkmhHVReV5muVPSj8JO4ZSoeexfbIBu8uWl69LPynfvQxJaPSAe5SuRWtWIfrxnaexrcR07vorUJ3cVn6MwCfmDkIwWcqlHxffO67mMgLkSkBUXJY5cAlIFtRIJEjGGTQ31OOSFiUjsF4FYAmFOa5TsdxbPylUTbSD9nMjkYFGE35u46LxBHeyktiwxkh4SlvCIUmv1BDe2dAJc3yAm0IdYiXO40dlX8Cr1A91wBXMyypHVcbJRczj2eildJxZyciUpeLR8gHdC1loRrFDw7awczO7O9TUveZfOQ5uovyuu1rIEZSwC6YF4LVql6dFdzHKmDkJVid8VcDHGqnBLsDPHVenqkK6AATch5xd512G03Cl8JYDR9E70jaoBogtMHoAExbCLypAtn8rNhEZpqdxwVFHLDa1Sd3JHHWkXdnaXMkVpHrVeqKDlbsKVpJmeFjfNHw4ow0UUQOhCLzlzLHcjC4EOdoYU2Cj3fZU7N0QpkvvmcvKDfPEiKDzBh6FBuPSE6P91t1mz8h19jnKqqRCONr4ARCgK18BDGCFdob1UkwewPgF6kGcLL3uT8309ulfBcwbDJxKgJg3vkPJBYNdtjvadMfmJGzPLDcPiZs7NPoZhYNmObnnJTQPF2owON4bWoMNHp25m3lfHSQaW2BsnPLMoDwdyMOmRV2d7Gwz2r1ldChNvLx4HwF8x6fkUeZlvJI6U6GI5IYTzydGu8hMqHJ2TVjOFbhBGx5CDHfU0EWHNgrE4nPMzLuPW3uj6k88CRBgn88u40I58EOcDDVEN7mavsa7KbN5TCTuHwZcOvaFdhkYiOQWFJHbMMpYBHb2eeBdVPmlbDM94sNED56NuyPw8cE3BQLPNNSK2q9GBogJxmb84J2iXbxv5lLMzy91hBvEL7Q1AKKtrZk8lIuSnqy1ckVVeJzWqQLWufWCleQd6hIZGo6yJaBD45OvTzojqHTjhq5818AyLPj67cSbkZlzfxwY6UcwKtjCyhvvJP5maVyioqpqhbQBjbT53XZoSetsaLbnoLWgecv05JePAx12MztfN28IhqkWZyapluEMMxWni5SGZqzBib1soJabz2FCN2M6AsymhvQ3zeaWtLZhs4zGMUv7LLPzThWC5PQ5TfG3oCZKBhSc91VTxl4ACCrDPHh1uY7ihN3eRUziluppoyXsv5xlizwOWDsyV1YPONkPXU2dQbdLDd8m6sPaTMuQ2CghlbcgAKsE63x8GxgvNQWzIR5WvFCWOFUSM2XEMzKj7mIV5EhcrdvlD5PcYFsDr67HgAyqOM24AYxayT0iTu4H4vEsbMFSVynXFkeFTRFQG4P7vw8Uz9QKNOaRfUFaCl1i52zwkpPGbqOYj99m0GtiSBqNZQS2s6qpeFS8dmMuegrNlwAWdKW9TsvIq7PpoV61oN7AZWsc3WZus9ooTekUiTLSwzAsztR2mkZmdUSauP4xp7JwGwGgrQ2s2CikDMQQSHqYfiY5BO6QOUKLrUPOw3KrylWdR5KZ8liTjxh3UlejVqSGD9uBfSMVvkgsmbMXOFsJhaXcKVEs0O5qw17Ru3ccBfSX6WO91e5QSJFlr9iNyDFgDe5AyT3h86uA6eqiWum1CpQukb4j3VUV2bGuBuIbGroTg4WKiNiDgRR4JMqFEro7P9nAtclyE32QxirlwOaXREt7QTnvkNeLplUaQj5ilIXQGeUfLhTSi2ckoBXqVVGw1iFxIUekLmvQj058AiWGFeZKpH37JiWW6bRY8P1jWlgDATAxCHvuP4SGDHPe4whVQv3Bv0GK6bcgagQuAdTx2fR21sgg6KdQzBooQMVPbdfIPw7hGxk9FKJS24ucWlcUkGd6PFCKnUUziFpz7bXFS1fuWBdkSqfhkwsqGV7KU3d4PYuzSteWGj9HLYQHNJ6lANhQ<script>alert(foo)</script>: Output from the phpinfo() function was found.
  • OSVDB-3092: /UPGRADE.txt: Default file found.
  • OSVDB-3092: /install.php: Drupal install.php file found.
  • OSVDB-3092: /install.php: install.php file found.
  • OSVDB-3092: /LICENSE.txt: License file found may identify site software.
  • OSVDB-3233: /INSTALL.mysql.txt: Drupal installation file found.
  • OSVDB-3233: /INSTALL.pgsql.txt: Drupal installation file found.
  • /controlpanel/: Admin login page/section found.