<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>CIRT.net: The Blog</title>
<link href="https://sullo.github.io/atom.xml" rel="self"/>
<link href="https://sullo.github.io/"/>
<updated>2021-06-27T13:52:45-04:00</updated>
<id>https://sullo.github.io</id>
<author>
<name>Chris Sullo</name>
<email>[email protected]</email>
</author>
<entry>
<title>Nikto Interactive</title>
<link href="https://sullo.github.io/2021/06/26/nikto-interactive/"/>
<updated>2021-06-26T00:00:00-04:00</updated>
<id>https://sullo.github.io/2021/06/26/nikto-interactive</id>
<content type="html"><p>So you have Nikto going, but you’re not really sure what’s happening, or how long the scan is going to take?</p>
<p>No problem.</p>
<p>Nikto has several interactive features you can use while a scan is in progress. If you just want to find out the current status, simply press the space bar to find out what the program is doing, how many requests have been made, and a guesstimate of how long the rest is going to take. To get this output automatically every 500 requests, turn on progress reporting by pressing ‘p’ (pressing it again will turn it off).</p>
<p><img src="/public/images/blog-nikto-status.png" alt="Status" /></p>
<p>If you want to get a better feel for how the server is responding to each request, you can turn verbose mode on or off by pressing the ‘v’ key.</p>
<p><img src="/public/images/blog-nikto-verbose.png" alt="Savedir feature" /></p>
<p>If you’d like a lot of info, debug is also available by pressing ‘d’.</p>
<p><img src="/public/images/blog-nikto-debug.png" alt="Savedir feature" /></p>
<p>If you’re running up against the end of your testing window, no need to cancel and start again later—simply press a ‘P’ to pause all operations. Nikto will sit around and wait until you’re ready to resume by hitting a ‘P’ again.</p>
<p><img src="/public/images/blog-nikto-pause.png" alt="Savedir feature" /></p>
<p>If you’re giving up or totally out of time, you can press ‘N’ to move on to the next host/port (if you ran more than one, or finish up if not) or ‘q’ to quit scanning entirely. Both ‘N’ and ‘q’ will wrap up current operations and write report/save output, terminating the program normally and more gracefully than a hard exit will.</p>
<p>There are a few more interactive commands which you may find handy for debugging or getting more info from a server, such as reporting cookies, errors, redirections, etc. See the entire list below.</p>
<p>One last note: keyboard input is checked every 10 requests, so on very slow scans you might need to wait until input is polled.</p>
<p>Here’s the full list:</p>
<ul>
<li>SPACE - Report current scan status</li>
<li>v - Turn verbose mode on/off</li>
<li>d - Turn debug mode on/off</li>
<li>e - Turn error reporting on/off</li>
<li>p - Turn progress reporting on/off</li>
<li>r - Turn redirect display on/off</li>
<li>c - Turn cookie display on/off</li>
<li>o - Turn OK display on/off</li>
<li>a - Turn auth display on/off</li>
<li>q - Quit</li>
<li>N - Next host</li>
<li>P - Pause</li>
</ul>
</content>
</entry>
<entry>
<title>Replay Nikto Findings With The Save Option</title>
<link href="https://sullo.github.io/2021/06/23/nikto-replay-requests/"/>
<updated>2021-06-23T00:00:00-04:00</updated>
<id>https://sullo.github.io/2021/06/23/nikto-replay-requests</id>
<content type="html"><p>When running Nikto, you have the ability to save all findings in plaintext files by using the -Save option. This option takes one argument, a directory name, which will be used or created to save all findings, one per text file. Each file will be named in the following format: HOSTNAME_PORT_DATE_TESTID.txt</p>
<p><img src="/public/images/blog-nikto-savedir.png" alt="Savedir feature" /></p>
<p>These save files contain basic test information such as the test ID and message, the full HTTP response, and JSON representations of both the request and response. They also contain a “Reason” for the finding—for example “Response Code Match” (the code from the HTTP response matched the test database) or “Content Match” (versus the response body), which is helpful for debugging.
This text file can be used for evidence of a test finding later, and can also serve as documentation for reports.</p>
<p><img src="/public/images/blog-nikto-json.png" alt="JSON object" /></p>
<p>Additionally, the JSON can be used to replay the original test’s request by using the included replay.pl program (note that Nikto will need the <a href="http://search.cpan.org/~makamaka/JSON-PP-2.27203/lib/JSON/PP.pm">JSON::PP</a> module installed).
replay.pl has only two options: -file and -proxy</p>
<p>By supplying the Nikto save file as the -file option value, replay.pl will parse the request and send it to the original target server. The -proxy option will route the request through the specified proxy (format host:port), which makes it easy to move a request from the command line to a tool like <a href="https://portswigger.net/">Burp</a>.</p>
<p><img src="/public/images/blog-nikto-replay.png" alt="replay.pl" /></p>
<p>This type of replay is especially handy when rechecking findings after application changes have been implemented. The output will again provide the original Nikto test information, and will show both the headers and body of the new request.</p>
<p>One final tip—by supplying a “.” to the -Save option, Nikto will automatically name and create a new directory in the format: savedir_HOST_PORT_DATETIME</p>
</content>
</entry>
</feed>