
Thread: Nikto result

  1. #1
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Question Nikto result

    Dear All,

    I have used Nikto on our server and it shows me this:

    + Retrieved ms-author-via header: MS-FP/4.0,DAV
    + Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
    + OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
    + OSVDB-397: HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
    + OSVDB-5647: HTTP method ('Allow' Header): 'MOVE' may allow clients to change file locations on the web server.
    + Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
    + OSVDB-5646: HTTP method ('Public' Header): 'DELETE' may allow clients to remove files on the web server.
    + OSVDB-397: HTTP method ('Public' Header): 'PUT' method could allow clients to save files on the web server.
    + OSVDB-5647: HTTP method ('Public' Header): 'MOVE' may allow clients to change file locations on the web server.
    + WebDAV enabled (SEARCH UNLOCK LOCK MKCOL COPY PROPPATCH PROPFIND listed as allowed)
    + OSVDB-13431: PROPFIND HTTP verb may show the server's internal IP address: http://server/insert_sms/web.config
    __________________________________________________ _______________________

    I note there is "PUT, GET ... etc". Is it possible to copy files from and to that server with HTTP commands, and how?

    Best Regards,


  2. #2
    Junior Member skidmarq's Avatar
    Join Date
    Jan 2010
    Posts
    88

    Default Re: Nikto result

    Study up on WebDAV...

    EDIT: I may even have a tutorial on these very forums if you search hard enough...
    I got 99 problems but the bits ain't one...

  3. #3
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Nikto result

    Try the 'cadaver' tool. It's pretty easy to work out how to use it. Be aware that the file extensions you use may matter.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #4
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Default Re: Nikto result

    Thanks... under testing
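
For whoever administers a server that produces a report like the one in the first post, the following is an added example (not part of the thread and not Nikto's own code) that parses such output and groups the advertised methods for review. The category names and the `triage` function are assumptions made for this example.

```python
import re

# Sample input: a subset of the Nikto lines quoted in the first post.
NIKTO_OUTPUT = """\
+ Retrieved ms-author-via header: MS-FP/4.0,DAV
+ Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
+ OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
+ OSVDB-13431: PROPFIND HTTP verb may show the server's internal IP address: http://server/insert_sms/web.config
"""

# Review categories chosen for this example (an assumption, not Nikto's own).
CATEGORIES = {
    "modifies content": {"PUT", "DELETE", "MOVE", "COPY", "MKCOL", "PROPPATCH"},
    "locking": {"LOCK", "UNLOCK"},
    "discloses information": {"PROPFIND", "SEARCH", "TRACE"},
}

METHODS_RE = re.compile(r"^\+ (Allowed|Public) HTTP Methods: (.+)$")
OSVDB_RE = re.compile(r"^\+ (OSVDB-\d+): ")

def triage(report: str) -> dict:
    """Group the methods a Nikto report lists by what they would need reviewing for."""
    advertised, findings = {}, set()
    for line in report.splitlines():
        line = line.strip()
        if m := METHODS_RE.match(line):
            # Nikto labels the Allow header "Allowed" and the Public header "Public".
            header = "Allow" if m.group(1) == "Allowed" else "Public"
            advertised[header] = {v.strip().upper() for v in m.group(2).split(",")}
        elif m := OSVDB_RE.match(line):
            findings.add(m.group(1))
    methods = set().union(*advertised.values())
    return {
        # WebDAV is indicated by the ms-author-via header line or by PROPFIND.
        "webdav": "ms-author-via" in report.lower() or "PROPFIND" in methods,
        "headers": sorted(advertised),
        "by_category": {n: sorted(methods & v) for n, v in CATEGORIES.items()},
        "osvdb_ids": sorted(findings),
    }

if __name__ == "__main__":
    result = triage(NIKTO_OUTPUT)
    for name, verbs in result["by_category"].items():
        print(f"{name}: {', '.join(verbs) or 'none'}")
    print("WebDAV indicated:", result["webdav"], "| findings:", result["osvdb_ids"])
```

A method listed in the Allow or Public header is only advertised by the server; whether a request using it succeeds depends on the server's authentication and write permissions, so each entry is an item to verify and to disable if the site does not need it.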
