Install Nikto
Oct 18, 2013 - Run 'perl -v' command to check if Perl is installed. CD to Nikto location(e.g. Run below command to scan the test website.
Any system which supports a basic Perl installation should allow Nikto to run. It has been extensively tested on:
Windows (using ActiveState Perl and Strawberry Perl). Some POSIX features, such as interactive commands may not work under Windows.
Mac OSX
Various Linux and Unix installations (including RedHat, Solaris, Debian, Ubuntu, BackTrack, etc.)
The only required Perl module that does not come standard is LibWhisker. Nikto comes with and is configured to use a local LW.pm file (in the plugins directory). As of Nikto version 2.1.5, the included LibWhisker differs (slightly) from the standard LibWhisker 2.5 distribution.
For SSL support the Net::SSLeay Perl module must be installed. Windows support for SSL is dependent on the installation package, but is rumored to exist for ActiveState's Perl.
For support for logging to Metasploit, the RPC::XML and RPC::XML::Client modules must be installed. Nikto will operate without these modules, but the functionality will not be available.
Perl: http://www.cpan.org/
The chase by alberto moravia. LibWhisker: http://www.wiretrip.net/
ActiveState Perl: http://www.activestate.com/
OpenSSL: http://www.openssl.org/
Perl modules RPC::XML::Client and RPC::XML for Metasploit logging integration
For convenience, the JSON::PP module is included in the distribution. This is used for saving requests and responses in a parseable format.
Nikto Web Scanner is an another good to have tool for any Linux administrator’s arsenal. It’s an Open source web scanner released under the GPL license, which is used to perform comprehensive tests on Web servers for multiple items including over 6500 potentially dangerous files/CGIs.
Suggested Read:WPSeku – A Vulnerability Scanner to Find Security Issues in WordPress
It’s written by Chris Solo and David Lodge for Vulnerability assessment, it checks for outdated versions over 1250 Web servers and over 270 version specific problems. It also scans and reports for outdated web server software and plugins.
Features of Nikto Web Scanner
- Supports SSL
- Supports full HTTP proxy
- Supports text, HTML, XML and CSV to save reports.
- Scan for multiple ports
- Can scan on multiple servers by taking inputs from files like nmap output
- Support LibWhisker IDS
- Capable enough to identify installed software with headers, files, and favicons
- Logs for Metasploits
- Reports for “unusual ” headers.
- Apache and cgiwrap user enumeration
- Authenticate hosts with Basic and NTLM
- Scans can be Auto-paused at a specified time.
Nikto Requirements
A system with basic Perl, Perl Modules, OpenSSL installation should enable Nikto to run. It has been thoroughly tested on Windows, Mac OSX and various Unix/Linux distributions such as Red Hat, Debian, Ubuntu, BackTrack, etc.
Installation of Nikto Web Scanner on Linux
Most of the today’s Linux systems comes with pre-installed Perl, Perl Modules, and OpenSSL packages. If not included, you can install them using the default system package manager utility called yum or apt-get.
On Red Hat/CentOS/Fedora
On Debian/Ubuntu/Linux Mint
Install Nikto Windows
Next, clone the latest stable Nikto source files from its Github repository, move into Nikto/programs/ directory and run it using perl:
Sample Output
The “Option host requires an argument” is clearly telling that we didn’t include the needed parameters while doing a test. So, we need to add a basic necessary parameter to do a test run.
Basic Testing
The basic scan requires a host that you want to target, by default it scans port 80 if nothing is specified. The host can either be a hostname or an IP Address of a system. You can specify a host using “-h” option.
For example, I want to do a scan on an IP 172.16.27.56 on TCP port 80.
Sample Output
If you want to scan on a different port number, then add “-p” [-port] option. For example, I want to do a scan on IP 172.16.27.56 on TCP port 443.
Sample Output
You can also specify hosts, ports and protocols using a full URL syntax, and it will be scanned.
You can also scan any website. For example, here I did a scan on google.com.
Sample Output
The above command will perform a bunch of http requests (i.e. more than 2000 tests) on the web server.
Multiple Port Testing
You can also perform multiple ports scanning in the same session. To scan multiple ports on the same host, add “-p” [-port] option and specify the list of ports. Ports can be defined as a range (i.e., 80-443), or as a comma separated (i.e., 80,443). For example, I want to scan a ports 80 and 443 on the host 172.16.27.56.
Sample Output
Using a Proxy
Let’s say a system where Nikto is running only has access to the target host via an HTTP proxy, the test can still be performed using two different ways. One is using nikto.conf file and another way is to run directly from the command line.
Using Nikto.conf File
Open nikto.conf file using any command line editor.
Search for the variable “PROXY” and uncomment the ‘#‘ from the beginning of the lines as shown. Then add the proxy host, port, proxy user and password. Save and close the file.
Now, execute the Nikto using “-useproxy” option. Please note all connections will be relayed via the HTTP proxy.
Sample Output
Using Command Line
To run the Nikto directly from the command line using the “-useproxy” option by setting the proxy as the argument.
Install Nikto Windows
Sample Output
Updating Nikto
You can update Nikto to the latest plugins and databases automatically, simply run the “-update” command.
If new updates are available, you will see a list of new updates downloaded.
You can also manually download and update Nikto plugins and databases from the http://cirt.net/nikto/UPDATES/.