Page 1: Nikto

Nikto
Sorina-Georgiana CHIRILĂ

Faculty of Computer Science
Alexandru Ioan Cuza University, Iași, Romania

Software Security - 2013

Page 2: Nikto

Overview
● Idea
● What is “Nikto”?
● Technical details
● Structure
● Installation
● Case studies
● Features
● Advantages/Disadvantages
● Resources

Page 3: Nikto

Idea
● You manage several web servers/applications
● You need to find potential problems and security vulnerabilities, including:
  - Server and software misconfigurations
  - Default files and programs
  - Insecure files and programs
  - Outdated servers and programs

Page 4: Nikto

What is “Nikto”?
● Web server scanner,
● Created by: David Lodge and Chris Sullo,
● Version 1.00 Beta released on: December 27, 2001,
● Current version: 2.1.5,
● Written in: Perl,
● The name is taken from the movie: The Day The Earth Stood Still,
● Sponsored by: Sunera LLC,
● Official page: http://www.cirt.net/nikto2.

Page 5: Nikto

Technical details
● Open source, with support for SSL connections,
● Performs tests against web servers for multiple items:
  - Looks for over 6500 potentially dangerous files/CGIs,
  - Checks for outdated versions of over 1250 servers,
  - Looks for version-specific problems on over 270 servers,
  - Attempts to identify installed web servers and software,
  - Checks for the presence of multiple index files and HTTP server options,
● Output can be saved in a variety of formats: text, XML, HTML.

Page 6: Nikto

Structure

Main file: nikto.pl
Replay file: replay.pl (replays a saved request)

Tests against vulnerabilities: databases folder

Performed with code from: plugins directory

Page 7: Nikto

Installation
● Runs on Windows, Mac, Linux: any system with support for a basic Perl installation allows Nikto to run.
● Requirements for Windows usage: ActiveState Perl (typical setting); Nikto: download and extract the archive content.

Page 8: Nikto

Command line tool

(Source: needsec.com)

perl nikto.pl -host name.ro -port 80
perl nikto.pl -h name.ro -p 80

Page 9: Nikto

Simple scan

perl nikto.pl -h 127.0.0.1 -p 80

Open Sourced Vulnerability Database (OSVDB)

Testing will reveal scripts, files and directories that may leak information or have security problems.
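The same scan that reveals leaky scripts and directories to the tester also shows up plainly in the target's access log. As an added example (not part of the original presentation), the script below looks for two signals of a Nikto run in Apache/nginx combined-format logs: the default User-Agent, which carries "Nikto/<version>" unless the scanner has been told otherwise, and the burst of 404 responses that thousands of file checks produce. The log lines are constructed for the example; the IP addresses, thresholds and function names are assumptions, not anything from the slides.

```python
"""Flag Nikto-style scanning in web server access logs.

Added example, not part of the original presentation. By default Nikto
identifies itself with a User-Agent of the form
"Mozilla/5.00 (Nikto/<version>) (Evasions:None) (Test:<id>)", and a scan
produces a burst of requests for files that do not exist. Both signals are
checked here against constructed Apache combined-format log lines.
"""
import re
from collections import defaultdict

# Apache/nginx "combined" format: ip ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
NIKTO_UA_RE = re.compile(r'Nikto/(?P<version>[\d.]+)', re.IGNORECASE)

# Constructed sample: one scanning client (203.0.113.7) and one ordinary visitor.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Nov/2013:10:01:01 +0200] "GET / HTTP/1.1" 200 5123 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:map_codes)"
203.0.113.7 - - [12/Nov/2013:10:01:01 +0200] "GET /cgi-bin/test.cgi HTTP/1.1" 404 209 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000012)"
203.0.113.7 - - [12/Nov/2013:10:01:02 +0200] "GET /admin/ HTTP/1.1" 404 209 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000031)"
203.0.113.7 - - [12/Nov/2013:10:01:02 +0200] "OPTIONS / HTTP/1.1" 200 0 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000043)"
203.0.113.7 - - [12/Nov/2013:10:01:03 +0200] "GET /phpinfo.php HTTP/1.1" 404 209 "-" "Mozilla/5.00 (Nikto/2.1.5) (Evasions:None) (Test:000077)"
198.51.100.23 - - [12/Nov/2013:10:01:05 +0200] "GET /index.html HTTP/1.1" 200 5123 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/24.0"
198.51.100.23 - - [12/Nov/2013:10:01:06 +0200] "GET /style.css HTTP/1.1" 200 812 "http://www.example.com/" "Mozilla/5.0 (X11; Linux x86_64) Firefox/24.0"
"""


def parse_log(text):
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            entries.append(m.groupdict())
    return entries


def scan_report(entries):
    """Per-client statistics: request count, 404 count and Nikto versions seen in the User-Agent."""
    report = defaultdict(lambda: {"requests": 0, "not_found": 0, "nikto_versions": set()})
    for e in entries:
        stats = report[e["ip"]]
        stats["requests"] += 1
        if e["status"] == "404":
            stats["not_found"] += 1
        m = NIKTO_UA_RE.search(e["ua"])
        if m:
            stats["nikto_versions"].add(m.group("version"))
    return dict(report)


def flag_scanners(entries, min_requests=5, not_found_ratio=0.5):
    """Return {ip: [reasons]} for clients that look like a Nikto scan.

    The User-Agent check catches default scans; the 404 ratio still fires when
    the scanner has been configured with a different User-Agent. Thresholds
    are assumed values for the example, tune them to the site's normal traffic.
    """
    flagged = {}
    for ip, stats in scan_report(entries).items():
        reasons = []
        if stats["nikto_versions"]:
            reasons.append("User-Agent advertises Nikto " + ", ".join(sorted(stats["nikto_versions"])))
        if stats["requests"] >= min_requests and stats["not_found"] / stats["requests"] >= not_found_ratio:
            reasons.append(f"{stats['not_found']} of {stats['requests']} requests returned 404")
        if reasons:
            flagged[ip] = reasons
    return flagged


if __name__ == "__main__":
    for ip, reasons in flag_scanners(parse_log(SAMPLE_LOG)).items():
        print(ip, "->", "; ".join(reasons))
```

Run against a real log, only the 404-ratio rule survives a scanner that changed its User-Agent, so the two checks are kept independent rather than requiring both.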

Page 10: Nikto

Case studies
● perl nikto.pl -h 127.0.0.1
● perl nikto.pl -h localhost -p 80,8080
● perl nikto.pl -h hosts.txt
● perl nikto.pl -h 127.0.0.1 -o results.txt
● perl nikto.pl -h localhost -o results.html
● perl nikto.pl -h 127.0.0.1 -dbcheck
● perl nikto.pl -h localhost -update
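The -o examples above write text and HTML reports; the technical details slide also lists XML, which is the format to pick when the results are to be fed into other tooling. As an added example (not code from the Nikto project), the script below flattens an XML report into per-finding records, separates items that carry an OSVDB reference from purely informational ones (osvdbid 0), and summarises by host and HTTP method. The sample report is constructed to follow the general shape of Nikto 2.1.x XML output (niktoscan > scandetails > item); element and attribute names should be checked against the nikto.dtd in your copy's docs/ directory, and the function names are assumptions.

```python
"""Summarise a Nikto XML report for hand-off to other tooling.

Added example, not code from the Nikto project. Nikto writes XML when the
file given with -o ends in .xml; the report below is a constructed sample
shaped like Nikto 2.1.x output (niktoscan > scandetails > item with an
osvdbid attribute). Check element and attribute names against the nikto.dtd
shipped in your copy's docs/ directory before relying on them.
"""
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample report (not real scan output).
SAMPLE_XML = """<?xml version="1.0" ?>
<niktoscan version="2.1.5" options="-h 127.0.0.1 -p 80 -o results.xml">
<scandetails targetip="127.0.0.1" targethostname="localhost" targetport="80" targetbanner="Apache/2.2.22" checks="6544" errors="0">
<item id="999986" osvdbid="0" osvdblink="http://osvdb.org/0" method="GET">
<description><![CDATA[Retrieved x-powered-by header: PHP/5.3.10]]></description>
<uri><![CDATA[/]]></uri>
<namelink><![CDATA[http://localhost:80/]]></namelink>
<iplink><![CDATA[http://127.0.0.1:80/]]></iplink>
</item>
<item id="999970" osvdbid="3233" osvdblink="http://osvdb.org/3233" method="GET">
<description><![CDATA[/icons/README: Apache default file found.]]></description>
<uri><![CDATA[/icons/README]]></uri>
<namelink><![CDATA[http://localhost:80/icons/README]]></namelink>
<iplink><![CDATA[http://127.0.0.1:80/icons/README]]></iplink>
</item>
<item id="000398" osvdbid="877" osvdblink="http://osvdb.org/877" method="TRACE">
<description><![CDATA[HTTP TRACE method is active, suggesting the host is vulnerable to XST]]></description>
<uri><![CDATA[/]]></uri>
<namelink><![CDATA[http://localhost:80/]]></namelink>
<iplink><![CDATA[http://127.0.0.1:80/]]></iplink>
</item>
</scandetails>
</niktoscan>
"""


def parse_report(xml_text):
    """Flatten every <item> into a dict that carries its host context."""
    root = ET.fromstring(xml_text)
    findings = []
    for scan in root.iter("scandetails"):
        for item in scan.findall("item"):
            findings.append({
                "host": scan.get("targethostname"),
                "ip": scan.get("targetip"),
                "port": scan.get("targetport"),
                "banner": scan.get("targetbanner"),
                "osvdb": item.get("osvdbid", "0"),
                "method": item.get("method"),
                "uri": item.findtext("uri", default=""),
                "description": item.findtext("description", default="").strip(),
            })
    return findings


def summarise(findings):
    """The counts a report consumer usually wants first."""
    return {
        "total": len(findings),
        "with_reference": sum(1 for f in findings if f["osvdb"] != "0"),
        "by_method": Counter(f["method"] for f in findings),
        "hosts": sorted({f"{f['host']}:{f['port']}" for f in findings}),
    }


def findings_for_triage(findings):
    """Items carrying an OSVDB reference, lowest id first; osvdbid 0 is informational."""
    return sorted((f for f in findings if f["osvdb"] != "0"), key=lambda f: int(f["osvdb"]))


if __name__ == "__main__":
    report = parse_report(SAMPLE_XML)
    print(summarise(report))
    for f in findings_for_triage(report):
        print(f"OSVDB-{f['osvdb']} {f['method']} {f['uri']}: {f['description']}")
```

Keeping the informational items out of the triage list mirrors how the text report reads: the banner and header lines are context, the OSVDB-referenced items are what needs a decision.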

Page 11: Nikto

Features
● SSL support,
● Template engine to easily customize reports,
● Support for LibWhisker’s anti-IDS methods,
● Easily updated via command line,
● Thorough documentation,
● Projects like Wikto and MackNikto, and services like Edgeos.com and HackerTarget.com, which are related to Nikto or incorporate/use Nikto databases,
● Scans multiple ports on a server, or multiple servers via input file (including nmap output),
● Logging to Metasploit,
● Full HTTP proxy support - so by using a tool (like Burp Suite) that can intercept the HTTP requests and show them in proper format, we can analyse the queries made by Nikto and discover vulnerabilities,
● It can be integrated in Nessus.

Page 12: Nikto

Advantages / Disadvantages

● Fast, versatile tool,
● Written in Perl, it can be run on any host operating system,
● Open source - it can be easily extended and customized,
● Diverse output formats - easy to integrate with other penetration testing tools.

● Runs at the command line, without any graphical user interface (GUI).

Page 13: Nikto

Resources
● http://www.linuxforu.com/2010/05/website-vulnerabilities-and-nikto/
● http://hackingdemos.blogspot.ro/2013/09/view-possible-vulnerabilities-of-host.html
● http://osvdb.org/
● http://sectools.org/tool/nikto/
● http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson13/
● http://www.slideshare.net/rommzezz/security-testing-vrn-20022013?from_search=12
● http://www.slideshare.net/namedeplume/penetration-testing-basics?from_search=9
● http://www.devshed.com/c/a/Apache/Secure-Installation-and-Configuration/
● http://memo-linux.com/nikto-outil-scanner-de-securite-serveur-web/
● http://needsec.com/wp-content/uploads/2013/11/CheatSheetNikto.pdf

Page 14: Nikto

Resources
● http://www.binarytides.com/nikto-hacking-tutorial-beginners/
● http://www.cgisecurity.com/whitehat-mirror/wh-whitepaper_xst_ebook.pdf
● http://www.madirish.net/547
● http://memo-linux.com/nikto-outil-scanner-de-securite-serveur-web/
● http://searchsecurity.techtarget.com/video/How-to-use-Nikto-to-scan-for-Web-server-vulnerabilities
● https://www.youtube.com/watch?v=NJ8ixhgL8V8
● https://www.youtube.com/watch?v=goCm1TCJ29g
● https://www.youtube.com/watch?v=yV26jHKU38k
● https://www.youtube.com/watch?v=Jx6pTc8ikjU

Page 15: Nikto

Questions?
