Nikto & other tools
Sorina-Georgiana CHIRIL
Software Security
Overview
Open source,
Performs tests against web servers for multiple items:
- Looks for over 6500 potentially dangerous files/CGIs,
- Checks for outdated versions of over 1250 servers,
- Looks for version-specific problems on over 270 servers,
- Attempts to identify installed web servers and software,
- Checks for the presence of multiple index files and HTTP server options.
[Diagram: Nikto and related tools. Labels: Metasploit (vulnerability exploitation), Wikto (web scanner, Nikto DB), Nessus (vulnerability scanner), Nmap (network scanner), OpenVAS (vulnerability scanner). Edge labels: Proxy, Logging, Integrated to, Integrated output for.]
Burp Suite
http://portswigger.net/burp/
Proxy - an intercepting proxy, which lets you inspect and modify traffic between your browser and the target application,
Spider - an application-aware spider, for crawling content and functionality,
Scanner - an advanced web application scanner, for automating the detection of numerous types of vulnerabilities,
Intruder - an intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities,
Repeater - a repeater tool, for manipulating and resending individual requests,
Sequencer - a sequencer tool, for testing the randomness of session tokens,
Ability to: save your work and resume it later, write plugins.
Wikto
Wikto - Nikto
Wikto uses Nikto's database (Nikto DB) to perform different checks against a web server.
Nmap
Network Mapper,
Roles: network discovery and security analysis,
Technique: uses raw IP packets,
Determines: which hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, and more,
Free and open source,
Available with: command line and GUI viewer (Zenmap),
Well documented and supported,
Portable: runs on all major operating systems,
Won numerous awards and was featured in twelve movies,
Official site: http://nmap.org/.
Nmap - Nikto
Scenario: Nikto supports scanning multiple hosts via a text file of host names or IPs. The host file may also be Nmap output in greppable format.
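The host-file scenario above, as an added example (not part of the original slides and not Nikto's own code): a Python parser for Nmap greppable (-oG) output that keeps only open TCP web services inside an approved CIDR and emits host:port lines usable as a Nikto host file. The sample output, the scope 192.0.2.0/24 and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `nmap -oG` output (RFC 5737 documentation addresses).
SAMPLE_GNMAP = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 (www.example.test)\tStatus: Up
Host: 192.0.2.10 (www.example.test)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///
Host: 192.0.2.11 ()\tPorts: 8080/open/tcp//http-proxy///, 53/open/udp//domain///
Host: 198.51.100.7 ()\tPorts: 80/open/tcp//http///
Host: 192.0.2.12 ()\tPorts: 80/filtered/tcp//http///
# Nmap done (constructed sample)
"""

HOST_RE = re.compile(r"^Host: (\S+) ")


def parse_gnmap(text):
    """Yield (ip, port, service) for every open TCP port in greppable output."""
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and anything that is not a Host record
        for field in line.split("\t")[1:]:
            if not field.startswith("Ports: "):
                continue  # e.g. "Status: Up"
            for entry in field[len("Ports: "):].split(","):
                # Entry layout: port/state/protocol/owner/service/rpc/version/
                parts = entry.strip().split("/")
                if len(parts) < 5 or not parts[0].isdigit():
                    continue
                port, state, proto, _owner, service = parts[:5]
                if state == "open" and proto == "tcp":
                    yield m.group(1), int(port), service


def nikto_host_lines(text, scope, web_services=("http", "https", "http-proxy")):
    """Return host:port lines for web services inside the approved scope (CIDR)."""
    net = ipaddress.ip_network(scope)
    lines = []
    for ip, port, service in parse_gnmap(text):
        # Hosts outside the approved range never reach the scanner's host file.
        if ipaddress.ip_address(ip) in net and service in web_services:
            lines.append(f"{ip}:{port}")
    return lines


if __name__ == "__main__":
    print("\n".join(nikto_host_lines(SAMPLE_GNMAP, "192.0.2.0/24")))
```

Closed and filtered ports, UDP services, non-web services and the out-of-scope host are all dropped before the list is written.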
Operating system
Windows 7, 64 bit
Steps
Nikto
Version 2.1.5
Nmap
Metasploit
Express
Community
Framework
Enterprise Security Programs & Advanced Penetration Tests
Baseline Penetration Tests
Web-based GUI
Web-based GUI
Web-based GUI
Java-based GUI
http://www.rapid7.com/products/metasploit/editions-and-features.jsp
Features
Real world security testing
Get a security reality check with exploitation, vulnerability validation, advanced attacks and evasion techniques.
Vulnerability validation
Verify which potential vulnerabilities really put your network and data at risk.
Productivity boost
Complete assignments faster with efficient workflows, wizards, data management, APIs and automation.
Password auditing
Uncover weak passwords on over a dozen network services.
Metasploit - Nikto
How to: Metasploit Framework
"006XXX","40478","b","/tikiwiki/tiki-graph_formula.php?w=1&h=1&s=1&min=1&max=2&f[]=x.tan.phpinfo()&t=png&title=","GET","200","","","","","This device may have a vulnerable installation of TikiWiki.","",""
where 006XXX is the number one greater than the last entry in the db_tests file and 40478 is the OSVDB number.
-o msf:password123@http://localhost:55553/RPC2
All scan results are saved in the msf database in real time.
Nessus - Nikto
Nikto can be integrated into Nessus.
Settings:
1. Nikto installation,
2. Put nikto.pl in PATH,
3. Ensure that nikto.nasl is present in the Nessus install (NASL wrapper),
4. Run nessusd -R,
5. Finally restart nessusd.
OpenVAS - Nikto
Nikto
Useful links
http://www.binarytides.com/nikto-hacking-tutorial-beginners/,
http://research.sensepost.com/tools/web/wikto,
http://research.sensepost.com/cms/resources/tools/web/wikto/using_wikto.pdf,
http://www.rapid7.com/resources/videos/penetration-testing.jsp,
http://infosecandotherstuff.blogspot.ro/2010/11/nikto-xmlrpc-autowpwnmetasploitable.html,
http://cirt.net/nikto2-docs/usage.html#id2740923,
http://nmap.org/book/man-port-scanning-techniques.html,
http://www.tenable.com/sites/drupal.dmz.tenablesecurity.com/files/uploads/documents/whitepapers/Using%20Nessus%20in%20Web%20Application%20Vulnerability%20Assessments.pdf
Questions?
Thank You!