
Nikto Scanner: Find Web Server Vulnerabilities


There are handy free tools to run a scan on your web server, whether it is your own or you rent space from a hosting party. Nikto is a standard part of Kali Linux, but you can also use it separately in another distribution or live environment.

Find Web Server Vulnerabilities

If you do not run your blog or web server yourself, you often depend on the security level that your provider uses. It is quite easy to see if your application is running a recent version, but the deeper you go into the system, the more difficult it gets. As a user, you need root access to check the databases, server components and scripting, and that access is usually reserved for customers of expensive hosting packages.

Nikto scanner

Nikto is a tool that you point at a specific system to scan for all kinds of possibly outdated components. It is designed, for example, to screen a web server for security issues such as misconfigured Apache extensions or outdated software versions. Nikto is, however, also used by attackers, typically alongside a scan tool like nmap: nmap maps the servers in a network, and Nikto is then used to hunt deeper on a specific target.

Nikto scans for over 6700 items to detect misconfigurations, risky files, etc. Some of its features include:

  • You can save reports in various formats such as HTML, XML and CSV
  • It supports SSL and a full HTTP proxy
  • Scans multiple ports on the server
  • Finds subdomains
  • User enumeration
  • Checks for outdated components
  • Detect parking sites
  • Server and software configurations
  • Default files and programs
  • Insecure files and programs
  • Outdated servers and programs

Most Linux distributions today offer Nikto in their package manager, but it can also be downloaded as a Perl program from the project’s website. It is of course supplied as standard in the security-research Linux distribution Kali Linux, which is also available as a live environment. This allows you to quickly run an analysis from almost any system, even one that normally runs Windows or something else.

Using Nikto

You should only use Nikto on systems that are your own: scanning other web servers can cause all kinds of trouble, since it may count as computer hacking. Moreover, such a scan is easy to notice, because there is no stealth mode. The analyses are carried out as quickly as possible: Nikto queries its target system about a number of components, and that is clearly visible if you look for it.

From the terminal you start the program with the command “nikto -h” followed by the target host. Graphical interfaces are available for this Perl program, and you can use one of those or just the command line, depending on your personal taste. To specify a computer you can enter an IP address, but a URL is also fine.

Keep in mind that a scan can be broader than you intend if you query “www.cyberwarzone.com”, for example, because all underlying domains and directories are also examined. If you specify a fixed path, Nikto will only search the folder structure below it. After confirmation, the program will run for a while, but you will soon see the first results appear in the terminal, for example which server version is in use. It takes a while for all tests to complete.

The software is quite user-friendly. Some results are immediately useful, for example if the analysis shows that license files (“license.txt”) are publicly accessible. These files are not required to run the programs, but they do contain information that attackers can use, for example about the installed software and its versions.

It may take some time for Nikto to complete its scan, depending on the size of the environment it is scanning. You can shorten the scan time by selecting in advance which tests the tool should run. It is possible to save the result of the scan so that you can read it at your leisure.
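A saved report is easier to act on when its findings are grouped by what needs fixing. The following Python script is an added example, not part of the original article or of the Nikto project: it reads a CSV report (the column layout and the sample rows are constructed assumptions modelled on Nikto's CSV output) and sorts findings into remediation buckets such as exposed info files like license.txt and outdated software.

```python
"""Triage a Nikto CSV report into a short summary of what to fix first."""
import csv
import io
import re
from collections import defaultdict

# Constructed sample in the layout Nikto writes with `-Format csv -o report.csv`
# (columns assumed: host, ip, port, test id, method, uri, description).
# Not real scan output; hosts and addresses are documentation values.
SAMPLE_REPORT = '''"www.example.test","192.0.2.10","80","0","GET","/","Server: Apache/2.2.15 (CentOS)"
"www.example.test","192.0.2.10","80","0","GET","/","Apache/2.2.15 appears to be outdated (current is at least Apache/2.4.x)."
"www.example.test","192.0.2.10","80","0","GET","/license.txt","License file found may identify site software."
"www.example.test","192.0.2.10","80","0","GET","/","The anti-clickjacking X-Frame-Options header is not present."
"www.example.test","192.0.2.10","80","0","GET","/wp-content/","Directory indexing found."
'''

FIELDS = ["host", "ip", "port", "test_id", "method", "uri", "description"]

# Files that are not needed to run a site but reveal the installed software and its version.
INFO_LEAK_FILES = re.compile(r"/(license|readme|changelog|install)[^/]*$", re.I)

def parse_report(text):
    """Yield one dict per finding; rows without the expected column count are skipped."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) == len(FIELDS):
            yield dict(zip(FIELDS, row))

def classify(finding):
    """Map a finding to a remediation bucket; None means it needs manual review."""
    desc, uri = finding["description"].lower(), finding["uri"]
    if "outdated" in desc:
        return "outdated_software"
    if "header is not present" in desc:
        return "missing_header"
    if "directory indexing" in desc:
        return "directory_listing"
    if INFO_LEAK_FILES.search(uri):
        return "exposed_file"
    return None

def triage(text):
    """Return (total findings, {bucket: [uri or description, ...]})."""
    buckets = defaultdict(list)
    total = 0
    for finding in parse_report(text):
        total += 1
        bucket = classify(finding)
        if bucket:
            buckets[bucket].append(finding["uri"] if bucket == "exposed_file" else finding["description"])
    return total, dict(buckets)

if __name__ == "__main__":
    total, buckets = triage(SAMPLE_REPORT)
    print(f"{total} findings")
    for bucket, items in buckets.items():
        print(f"  {bucket}: {len(items)}")
```

Findings that land in no bucket (such as the bare server banner) are still counted in the total so nothing silently disappears from the review.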
