If you're a website developer or admin, you know how important it is to stay up on the security of your work. You might drop that new site into a perfectly secured network, but what if the site itself has an issue or two tucked within the code? Or what if the hosting server has issues? You could place your network or your data in danger.
Because of this, you need comprehensive scanning tools that can run deep dive penetration tests on your websites and web servers to find issues you might have missed or not even known existed. Sounds hard, doesn't it?
It's not. Not when you have a tool like Nikto2. Nikto2 is the next evolution of the original Nikto scanner that performs comprehensive tests against web servers for over 6700 potentially dangerous files/programs. Nikto2 also checks for outdated versions of over 1250 servers, as well as specific problems on over 270 servers. Nikto2 checks for misconfigured server items (such as the presence of multiple index files). Nikto2 is frequently updated, so you can be sure it'll catch the latest issues.
Let's "install" and use Nikto2 and see just how easy it is to run a deep scan on your websites.
I place installation in quotes, as there really isn't an installation per se. You simply run the included executable file against your site. What exactly are the steps? Let me show you. I'll be demonstrating on Ubuntu Server, but running the tool is the same, regardless of distribution.
- Download the latest version of Nikto2.
- Unzip the file with the command unzip master.zip.
- Change into the newly created directory with the command cd nikto-master/program.
That's it for the "installation." You do, however, need to have Perl installed. If you're using Ubuntu to run Nikto2, you can install Perl with the command:
sudo apt install perl
Let's run Nikto2.
There are a few options you can use with Nikto2, but the basic usage is:
perl nikto2 -host SERVER_IP
Where SERVER_IP is the actual IP address of the server.
The command will fire off and dive into the website at the given address. Nikto2 will immediately report its findings and may even ask if it can add a server string to its database (Figure A).
After you've answered either Yes or No to submitting the string, Nikto2 will end. Depending on how large your site is and how many issues are present, the results could be lengthy. Because of that, you might want to save that output for later viewing. To do this, the command would be:
perl nikto.pl -host 192.168.1.188 -o test -Format csv
The above command would do a standard test on 192.168.1.188 and save the file named "test" in a CSV format. You could then view test with the command less test.
You can scan multiple ports with the command:
perl nikto.pl -h 192.168.0.1 -p 80,88,8000,443
Or, if you want to tune the command to run specific tests, you can use the Tuning option. The types of tests you can specify are:
- 0 - File Upload exploits.
- 1 - Interesting log entries.
- 2 - Misconfiguration of default files.
- 3 - Information Disclosure.
- 4 - Injection (XSS/Script/HTML) exploits.
- 5 - Remote file retrieval (within the document root) exploit.
- 6 - Denial of Service.
- 7 - Remote file retrieval (server wide).
- 8 - Command execution/remote shell exploits.
- 9 - SQL Injection.
- a - Authentication bypass.
- b - Software identification.
- c - Remote source inclusion.
- x - Reverse Tuning Options.
You combine the above to create a unique test. Say you want to test for Denial of Service, SQL injections, Authentication bypass, and Software identification. The command for this would be:
perl nikto.pl -h 192.168.1.188 -T 69ab
You can combine any of the above tests in this way. You can also combine that with the output option to save the results for later viewing like so:
perl nikto.pl -h 192.168.1.188 -T 69ab -o test -Format csv
If you need to test CGI directories, you could issue Nikto2 like so:
perl nikto.pl -h 192.168.1.188 -Cgidirs all -o test -Format csv
The "all" options would instruct Nikto2 to test all available CGI directories. If you want to specify a specific CGI directory, the command would be:
perl nikto.pl -h 192.168.1.188 -Cgidirs /cgi/ -o test -Format csv
You can even test multiple CGI directories like so:
perl nikto.pl -h 192.168.1.188 -Cgidirs /cgi/ /cgi-a/ /cgi-b/ -o test -Format csv
That's pretty much the gist of using the Nikto2 website scanner. For more information, you can issue the command perl nikto.pl -H|less to ready the full man page. For even more information, check out the official Nikto2 documentation.
- How to easily edit a network connection on a CentOS 7 minimal installation (TechRepublic)
- How to install and use Gitkraken on Ubuntu with snap (TechRepublic)
- How to cache static content on NGINX (TechRepublic)
- How to create a bridged network for your Antsle virtual machines (TechRepublic)
- How to use Cloudflare's DNS service to speed up and secure your internet (ZDNet)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.