Download Nikto from http://www.net-security.org/. Once it has downloaded, unpack the file nikto-current.tar.gz. Unpacking produces a new folder named nikto-2.1.1.
To run Nikto, change into the nikto-2.1.1 folder, then run the file nikto.pl.
[msmunir@localhost nikto-2.1.1]$ ./nikto.pl -h 202.46.3.71
- ***** SSL support not available (see docs for SSL install instructions) *****
- Nikto v2.1.1
---------------------------------------------------------------------------
+ Target IP: 202.46.3.71
+ Target Hostname: 202.46.3.71
+ Target Port: 80
+ Start Time: 2010-08-06 14:06:25
---------------------------------------------------------------------------
+ Server: Apache/2.2.13 (Fedora)
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Uncommon header 'proxy-connection' found, with contents: close
+ Uncommon header 'x-cache' found, with contents: HIT from proxy.batan.go.id
+ Uncommon header 'x-cache-lookup' found, with contents: HIT from proxy.batan.go.id:8080
+ ETag header found on server, inode: 1254085, size: 441, mtime: 0x4668a5e45df00
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ Apache/2.2.13 appears to be outdated (current is at least Apache/2.2.14). Apache 1.3.41 and 2.0.63 are also current.
+ OSVDB-637: Enumeration of users is possible by requesting ~username (responds with 'Forbidden' for users, 'not found' for non-existent users).
+ OSVDB-3092: /download/: This might be interesting...
+ OSVDB-3268: /icons/: Directory indexing is enabled: /icons
+ OSVDB-3233: /icons/README: Apache default file found.
+ 3818 items checked: 11 item(s) reported on remote host
+ End Time: 2010-08-06 14:10:55 (270 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
[msmunir@localhost nikto-2.1.1]$
See: http://cirt.net/nikto2
OS : IGN2010
[root@localhost ~]# uname -a
Linux localhost.localdomain 2.6.35.6-37.ign5.i686.PAE #1 SMP Sun Oct 3 09:23:05 WIT 2010 i686 i686 i386 GNU/Linux
Install :
# yum install nikto
Running:
# nikto -host x.y.70.165
Result:
[root@localhost ~]# nikto -host x.y.70.165
- ***** SSL support not available (see docs for SSL install instructions) *****
- Nikto v2.1.1
---------------------------------------------------------------------------
+ Target IP: x.y.70.165
+ Target Hostname: x.y.70.165
+ Target Port: 80
+ Start Time: 2011-05-09 4:35:04
---------------------------------------------------------------------------
+ Server: Apache/2.2.8 (Fedora)
+ Number of sections in the version string differ from those in the database, the server reports: apache/2.2.8 while the database has: 2.2.14. This may cause false positives.
+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ Retrieved X-Powered-By header: PHP/5.2.5
+ OSVDB-3233: /phpinfo.php: Contains PHP configuration information
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3092: /download/: This might be interesting...
+ OSVDB-3092: /temp/: This might be interesting...
+ 3818 items checked: 8 item(s) reported on remote host
+ End Time: 2011-05-09 4:50:04 (932 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
*********************************************************************
Portions of the server's ident string (Apache/2.2.8) are not in
the Nikto database or is newer than the known string. Would you like
to submit this information (*no server specific data*) to CIRT.net
for a Nikto update (or you may email to sullo@cirt.net) (y/n)? y
- Sent updated info to CIRT.net -- Thank you!
[root@localhost ~]#
[root@localhost ~]# nikto -host x.y.70.162
- ***** SSL support not available (see docs for SSL install instructions) *****
- Nikto v2.1.1
---------------------------------------------------------------------------
+ Target IP: x.y.70.162
+ Target Hostname: x.y.70.162
+ Target Port: 80
+ Start Time: 2011-05-09 7:21:07
---------------------------------------------------------------------------
+ Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 PHP/5.3.3 with Suhosin-Patch
- Root page / redirects to: http://mail.batan.go.id/squirrelmail/index.php
+ mod_ssl/2.2.17 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ Number of sections in the version string differ from those in the database, the server reports: php/5.3.3 while the database has: 5.2.11. This may cause false positives.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ Retrieved X-Powered-By header: PHP/5.3.3
+ mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 PHP/5.3.3 with Suhosin-Patch - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0082, OSVDB-756.
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3093: /squirrelmail/src/read_body.php: This might be interesting... has been seen in web logs from an unknown scanner.
+ 3818 items checked: 7 item(s) reported on remote host
+ End Time: 2011-05-09 7:42:07 (1260 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
*********************************************************************
Portions of the server's ident string (OpenSSL/0.9.8n Apache/2.2.17 PHP/5.3.3) are not in
the Nikto database or is newer than the known string. Would you like
to submit this information (*no server specific data*) to CIRT.net
for a Nikto update (or you may email to sullo@cirt.net) (y/n)? y
- Sent updated info to CIRT.net -- Thank you!
[root@localhost ~]#
[root@localhost ~]# nikto -host x.y.70.163
- ***** SSL support not available (see docs for SSL install instructions) *****
- Nikto v2.1.1
---------------------------------------------------------------------------
+ Target IP: x.y.70.163
+ Target Hostname: x.y.70.163
+ Target Port: 80
+ Start Time: 2011-05-09 8:16:08
---------------------------------------------------------------------------
+ Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/1.0.0d PHP/5.3.5 with Suhosin-Patch
+ mod_ssl/2.2.17 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ Number of sections in the version string differ from those in the database, the server reports: php/5.3.5 while the database has: 5.2.11. This may cause false positives.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ Retrieved X-Powered-By header: PHP/5.3.5
+ mod_ssl/2.2.17 OpenSSL/1.0.0d PHP/5.3.5 with Suhosin-Patch - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0082, OSVDB-756.
+ ERROR: /splashAdmin.php returned an error: error reading HTTP response
+ ERROR: /help.html returned an error: error reading HTTP response
+ ERROR: /blah_badfile.shtml returned an error: error reading HTTP response
+ ERROR: /SiteServer/Admin/commerce/foundation/DSN.asp returned an error: error reading HTTP response
+ ERROR: /fpdb/shop.mdb returned an error: error reading HTTP response
+ ERROR: /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter returned an error: error reading HTTP response
+ ERROR: /admin-serv/tasks/configuration/ViewLog?file=passwd&num=5000&str=&directories=admin-serv%2Flogs%2f..%2f..%2f..%2f..%2f..%2f..%2fetc&id=admin-serv returned an error: error reading HTTP response
+ ERROR: /servlet/sunexamples.BBoardServlet returned an error: error reading HTTP response
+ ERROR: /php/php.exe?c:\boot.ini returned an error: error reading HTTP response
+ ERROR: /samples/search.dll?query= returned an error: error reading HTTP response
+ ERROR: /phpimageview.php?pic=javascript:alert('Vulnerable') returned an error: error reading HTTP response
+ ERROR: /add.php3?url=ja&adurl=javascript: returned an error: error reading HTTP response
+ ERROR: /admin.html returned an error: error reading HTTP response
+ ERROR: /examples/jsp/snp/anything.snp returned an error: error reading HTTP response
+ ERROR: /cgi-bin/cgiwrap returned an error: error reading HTTP response
+ ERROR: /pmlite.php returned an error: error reading HTTP response
+ ERROR: /servlet/allaire.jrun.ssi.SSIFilter returned an error: error reading HTTP response
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3092: /download/: This might be interesting...
+ ERROR: /hits.txt returned an error: Total transaction timed out
+ OSVDB-3092: /img/: This may be interesting...
+ OSVDB-3092: /test/: This might be interesting...
+ OSVDB-3268: /images/: Directory indexing is enabled: /images
+ ERROR: /syshelp/stmex.stm?foo= returned an error: error reading HTTP response
+ OSVDB-3092: /qa/: This might be interesting... potential country code (Qatar)
+ 3818 items checked: 11 item(s) reported on remote host
+ End Time: 2011-05-09 8:37:08 (1280 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
*********************************************************************
Portions of the server's ident string (Apache/2.2.17 PHP/5.3.5 OpenSSL/1.0.0d) are not in
the Nikto database or is newer than the known string. Would you like
to submit this information (*no server specific data*) to CIRT.net
for a Nikto update (or you may email to sullo@cirt.net) (y/n)? y
- Sent updated info to CIRT.net -- Thank you!
[root@localhost ~]#
[root@localhost ~]# nikto -host x.y.z3.5
- ***** SSL support not available (see docs for SSL install instructions) *****
- Nikto v2.1.1
---------------------------------------------------------------------------
+ Target IP: x.y.z3.5
+ Target Hostname: x.y.z3.5
+ Target Port: 80
+ Start Time: 2011-05-09 11:47:57
---------------------------------------------------------------------------
+ Server: Apache/2.2.4 (Win32) DAV/2 mod_ssl/2.2.4 OpenSSL/0.9.8e mod_autoindex_color PHP/5.2.2
- Root page / redirects to: http:///xampp/
+ Number of sections in the version string differ from those in the database, the server reports: apache/2.2.4 while the database has: 2.2.14. This may cause false positives.
+ Number of sections in the version string differ from those in the database, the server reports: mod_ssl/2.2.4 while the database has: 2.8.31. This may cause false positives.
+ mod_ssl/2.2.4 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ OpenSSL/0.9.8e appears to be outdated (current is at least 0.9.8i) (may depend on server version)
+ Number of sections in the version string differ from those in the database, the server reports: php/5.2.2 while the database has: 5.2.11. This may cause false positives.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ Retrieved X-Powered-By header: PHP/5.2.2
+ ETag header found on server, inode: 12421, size: 202, mtime: 0x2cddf680
+ mod_ssl/2.2.4 OpenSSL/0.9.8e mod_autoindex_color PHP/5.2.2 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0082, OSVDB-756.
+ OSVDB-682: /webalizer/: Webalizer may be installed. Versions lower than 2.01-09 vulnerable to Cross Site Scripting (XSS).
+ OSVDB-12184: /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3092: /phpmyadmin/: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ OSVDB-3092: /restricted/: This might be interesting...
+ OSVDB-3233: /info.php: PHP is installed, and a test script which runs phpinfo() was found. This gives a lot of system information.
+ OSVDB-3268: /icons/: Directory indexing is enabled: /icons
+ OSVDB-3233: /icons/README: Apache default file found.
+ 3818 items checked: 16 item(s) reported on remote host
+ End Time: 2011-05-09 12:08:15 (1218 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
*********************************************************************
Portions of the server's ident string (PHP/5.2.2 (Win32) Apache/2.2.4) are not in
the Nikto database or is newer than the known string. Would you like
to submit this information (*no server specific data*) to CIRT.net
for a Nikto update (or you may email to sullo@cirt.net) (y/n)? y
- Sent updated info to CIRT.net -- Thank you!
[root@localhost ~]#
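One way to triage reports like the ones above, as an added example that is not part of the original post: a small Python parser that separates OSVDB-tagged findings from scanner transport errors and version-database mismatch notes, so that incomplete scans (such as the run with many `ERROR:` lines) stand out. The sample report is constructed, and the names `triage` and `error_ratio` are chosen here for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the Nikto 2.1.1 plain-text layout shown above;
# 192.0.2.10 is a documentation address, not a host from the post.
SAMPLE = """\
- Nikto v2.1.1
+ Target IP: 192.0.2.10
+ Target Port: 80
+ Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 PHP/5.3.5
+ Number of sections in the version string differ from those in the database, the server reports: php/5.3.5 while the database has: 5.2.11. This may cause false positives.
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ Retrieved X-Powered-By header: PHP/5.3.5
+ ERROR: /help.html returned an error: error reading HTTP response
+ OSVDB-3092: /download/: This might be interesting...
+ OSVDB-3268: /images/: Directory indexing is enabled: /images
+ ERROR: /hits.txt returned an error: Total transaction timed out
+ 3818 items checked: 4 item(s) reported on remote host
"""

META = re.compile(r"^(Target (?:IP|Hostname|Port)|Start Time|End Time|Server): *(.*)$")
OSVDB = re.compile(r"^OSVDB-(\d+): (.*)$")
SUMMARY = re.compile(r"^\d+ (items checked|host\(s\) tested)")

def triage(report):
    """Split one Nikto text report into metadata, findings and scanner noise."""
    out = {"meta": {}, "osvdb": defaultdict(list), "other": [],
           "scan_errors": [], "db_mismatch": []}
    for line in report.splitlines():
        if not line.startswith("+ "):
            continue  # banners, separators, shell prompts
        item = line[2:].strip()
        if (m := META.match(item)):
            out["meta"][m.group(1)] = m.group(2)
        elif item.startswith("ERROR:"):
            out["scan_errors"].append(item)  # request failed, check not completed
        elif item.startswith("Number of sections in the version string"):
            out["db_mismatch"].append(item)  # Nikto's own false-positive warning
        elif (m := OSVDB.match(item)):
            out["osvdb"][int(m.group(1))].append(m.group(2))
        elif not SUMMARY.match(item):
            out["other"].append(item)  # untagged findings, e.g. header disclosures
    return out

def error_ratio(result):
    """Transport errors as a share of reported lines; high means checks went unanswered."""
    findings = sum(len(v) for v in result["osvdb"].values()) + len(result["other"])
    errors = len(result["scan_errors"])
    return errors / (errors + findings) if errors + findings else 0.0
```

A report with a high `error_ratio` is better rescanned than read as a clean result, and entries under `db_mismatch` mark version comparisons that need manual verification.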
Boss... the BATAN office is guarded by that picture, pretty cool, huh...
There might end up being no compromise...