Exploring Web Server Vulnerabilities with Nikto

Nikto is an Open source web server scanner and  it can use with any web servers like Apache, Nginx, IHS, OHS, Litespeed etc. It is capable to perform web server scanning over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers.It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.

Let's start installation process of NiktoScan on RHEL/ centos 7

First you have to install rpms from following codes.

rpm -Uvh http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-20.el7.art.noarch.rpm

rpm  -Uvh http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.art.noarch.rpm

rpm -Uvh  http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.art.noarch.rpm


Next use yum install to install NiktoScan package.

yum install nikto -y

Then you can check the installation process is success or not from following command.

nikto -v

 

If the output looks like this, you have successfully installed NiktoScan on your 
computer.
 
 
Ok. Let's start scanning process.
You can use following command to scan website using hostname and this is the 
basics command of NiktoScan.
niktoscan -h <hostname or IP>
Eg.: nikto -h www.domains.lk
in here -h is for hostname. 
It takes some time to deliver the output and it looks like this.

You can find all command line options from this link and its usage.
In the bottom of the scan result you can see number of request to the host and
errors on that remote host.
 
In the NiktoScan you can scan specific port of a remote server by using following
command.
 niktoscan -h <hostname> -p <port>
Eg.:
        nikto -h www.domains.lk -p 80
        nikto -h www.domains.lk -p 80,111,443


Nikto  -list-plugins” will display a list of additional plugins which may help to scan a target or confirm a vulnerability reported by Nikto.

 nikto -h www.domains.lk -Plugins "apache_expect_xss(verbose,debug)"
I think you have an basic idea to perform a nikto scan to web server and next 
time we will be discussed about how to analyse Nikto scan report and identifyinf 
vulnerabilities.
 

0 Comments