
Thread: nikto: multiple port scan issue

  1. #1
    kr0m3 (Junior Member) | Join Date: Jan 2008 | Posts: 68

    nikto: multiple port scan issue

    ok, have read docs have searched forum and still feel like a freak here....

    Code:
    user@host:~/bin/nikto-2.02> perl ./nikto.pl -findonly -h 10.x.x.x -p 80-90
    ---------------------------------------------------------------------------
    - Nikto 2.02/2.03     -     cirt.net
    + No HTTP(s) server found on 10.x.x.x / 80-90
    + 1 host(s) tested
    
    user@host:~/bin/nikto-2.02> perl ./nikto.pl -findonly -h 10.x.x.x -p 80
    ---------------------------------------------------------------------------
    - Nikto 2.02/2.03     -     cirt.net
    + Server: http://10.x.x.x:80        Microsoft-IIS/6.0
    + 1 host(s) tested
    
    user@host:~/bin/nikto-2.02>

    i have attempted several ranges and still won't pick the server up unless i don't specify a port at all or unless i specify the actual port. reproduced on multiple targets...
    nikto docs support my syntax, am i just going stupid here?
    wtf?

    thanks in advance!
    ~k
    "...you've picked up a bit of an attitude. Still curious and willing to learn, I hope. "

  2. #2
    Archangel-Amael (Super Moderator) | Join Date: Jan 2010 | Location: Somewhere | Posts: 8,012

    Quote: Originally Posted by kr0m3
        i have attempted several ranges and still won't pick the server up unless i don't specify a port at all or unless i specify the actual port. reproduced on multiple targets...
        thanks in advance!
        ~k

    Not sure I follow this sentence here my man
    Your syntax does look ok to me so again I am not sure what you are asking.
    just in case:
    http://cirt.net/nikto2-docs/
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    thorin (My life is this forum) | Join Date: Jan 2010 | Posts: 2,629

    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4
    kr0m3 (Junior Member) | Join Date: Jan 2008 | Posts: 68

    thanks for the replies, mi compadres, however i've already gone through all the docs and my syntax is indeed correct.

    sorry for the confusion, let me try again...

    • if i do not specify any ports whatsoever, then nikto is able to pick up the service as it exists on port 80.
    • if i specify port 80, nikto again can see it just fine.
    • if i specify a range of ports that includes port 80 (i.e. 70-90) nikto fails to see the service at all.

    basically, as far as i can tell nikto is refusing to scan specified port ranges at all, even though i am asking it nicely with sugar on top.

    ah well, that is why god made httprint.

    thanks again for the replies. if anyone can duplicate or resolve... i'm all ears!

    peace
    ~k

  5. #5
    thorin (My life is this forum) | Join Date: Jan 2010 | Posts: 2,629

    Have you tried it with a comma separated list instead of a range?
    i.e.:
    perl ./nikto.pl -findonly -h 10.x.x.x -p 80,81,82,83,84,85,86,87,88,89,90

    Is there a nikto.conf in your nikto install directory? If so are any SKIPPORTS defined?

    If you just want to identify web servers you could also just use nmap or amap.

  6. #6
    kr0m3 (Junior Member) | Join Date: Jan 2008 | Posts: 68

    Quote: Originally Posted by thorin
        Have you tried it with a comma separated list instead of a range?
        i.e.:
        perl ./nikto.pl -findonly -h 10.x.x.x -p 80,81,82,83,84,85,86,87,88,89,90

        Is there a nikto.conf in your nikto install directory? If so are any SKIPPORTS defined?

        If you just want to identify web servers you could also just use nmap or amap.

    comma-delimited has the same issue, no SKIPPORTS issues either. thanks for the ideas though.

    you're right, i don't get paid enough to t-shoot this for a week when i can use amap and move on down the yellow brick road.

    thanks again
    ~k

  7. #7
    thorin (My life is this forum) | Join Date: Jan 2010 | Posts: 2,629

    I decided to post to the official nikto-discuss list, I'll let you know what I find out. My quick test results were slightly different than yours.

    Dashed ranges appear to be broken, i.e.:

    Code:
    $ perl nikto.pl -findonly -h host.com -p 80-82
    ---------------------------------------------------------------------------
    - Nikto 2.02/2.03     -     cirt.net
    + No HTTP(s) server found on host.com / 80-82
    + 1 host(s) tested

    Comma separated ranges seem to work:

    Code:
    $ perl nikto.pl -findonly -h host.com -p 80,81,82
    ---------------------------------------------------------------------------
    - Nikto 2.02/2.03     -     cirt.net
    + Server: http://host.com:80     Microsoft-IIS/6.0
    + No HTTP(s) server found on host.com / 81
    + No HTTP(s) server found on host.com / 82
    + 1 host(s) tested

    Single ports seem to work:

    Code:
    $ perl nikto.pl -findonly -h host.com -p 80
    ---------------------------------------------------------------------------
    - Nikto 2.02/2.03     -     cirt.net
    + Server: http://host.com:80     Microsoft-IIS/6.0
    + 1 host(s) tested
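
Added example (not part of thorin's post and not Nikto code): a workaround for the behaviour reported in post #7, where dashed ranges fail in Nikto 2.02 but comma-separated lists work. The POSIX shell helper below, with the hypothetical name `expand_ports`, validates a port spec and expands it into the comma list to hand to `-p`.

```shell
#!/bin/sh
# Added example, not from the thread. expand_ports is a hypothetical helper name.

# valid_port N: true if N (digits only) is 1-65535 with no leading zero.
valid_port() {
    case $1 in
        0*|??????*) return 1 ;;
    esac
    [ "$1" -le 65535 ]
}

# expand_ports SPEC: print SPEC (e.g. "80-82,443") as a sorted, de-duplicated
# comma list. The body runs in a subshell, so IFS and variables do not leak.
expand_ports() (
    spec=$1
    case $spec in
        ''|*[!0-9,-]*|,*|*,|*,,*)
            echo "invalid port spec: '$spec'" >&2; exit 1 ;;
    esac
    IFS=,; set -- $spec; unset IFS      # split on commas
    list=
    for part in "$@"; do
        case $part in
            *-*-*|-*|*-) echo "invalid range: '$part'" >&2; exit 1 ;;
            *-*) lo=${part%-*}; hi=${part#*-} ;;
            *)   lo=$part; hi=$part ;;
        esac
        valid_port "$lo" && valid_port "$hi" && [ "$lo" -le "$hi" ] ||
            { echo "invalid port or range: '$part'" >&2; exit 1; }
        p=$lo
        while [ "$p" -le "$hi" ]; do
            list="$list$p
"
            p=$((p + 1))
        done
    done
    printf '%s' "$list" | sort -n -u | paste -sd, -
)

# Constructed sample spec; prints 80,81,82,443
expand_ports "443,80-82,81"

# Usage with the command from the thread (host placeholder as posted):
#   perl ./nikto.pl -findonly -h 10.x.x.x -p "$(expand_ports 80-90)"
```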

  8. #8
    kr0m3 (Junior Member) | Join Date: Jan 2008 | Posts: 68

    right on.
    i'll monitor this thread for a while then. off to amap in the meantime

    you rock.
    ~k

  9. #9
    thorin (My life is this forum) | Join Date: Jan 2010 | Posts: 2,629

    Didn't get any answer on the discuss list but it seems this was added to their bug tracker a few days ago and has now been fixed, it's slated for the next release.

    http://trac2.assembla.com/Nikto_2/ticket/23

  10. #10
    kr0m3 (Junior Member) | Join Date: Jan 2008 | Posts: 68

    squeaky wheel gets the grease, i suspect.
    thanks for squeaking.


    ~k
