ok, have read docs have searched forum and still feel like a freak here....
i have attempted several ranges and still won't pick the server up unless i don't specify a port at all or unless i specify the actual port. reproduced on multiple targets...
Code:
user@host:~/bin/nikto-2.02> perl ./nikto.pl -findonly -h 10.x.x.x -p 80-90
---------------------------------------------------------------------------
- Nikto 2.02/2.03 - cirt.net
+ No HTTP(s) server found on 10.x.x.x / 80-90
+ 1 host(s) tested
user@host:~/bin/nikto-2.02> perl ./nikto.pl -findonly -h 10.x.x.x -p 80
---------------------------------------------------------------------------
- Nikto 2.02/2.03 - cirt.net
+ Server: http://10.x.x.x:80 Microsoft-IIS/6.0
+ 1 host(s) tested
user@host:~/bin/nikto-2.02>
nikto docs support my syntax, am i just going stupid here?
wtf?
thanks in advance!
~k
"...you've picked up a bit of an attitude. Still curious and willing to learn, I hope. "
Not sure I follow this sentence here my man
Your syntax does look ok to me so again I am not sure what you are asking.
just in case:
http://cirt.net/nikto2-docs/
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
thanks for the replies, mi compadres, however i've already gone through all the docs and my syntax is indeed correct.
sorry for the confusion, let me try again...
basically, as far as i can tell nikto is refusing to scan specified port ranges at all, even though i am asking it nicely with sugar on top.
- if i do not specify any ports whatsoever, then nikto is able to pick up the service as it exists on port 80.
- if i specify port 80, nikto again can see it just fine.
- if i specify a range of ports that includes port 80 (i.e. 70-90) nikto fails to see the service at all.
ah well, that is why god made httprint.
thanks again for the replies. if anyone can duplicate or resolve...i'm all ears!
peace
~k
Have you tried it with a comma separated list instead of a range?
i.e.:
perl ./nikto.pl -findonly -h 10.x.x.x -p 80,81,82,83,84,85,86,87,88,89,90
Is there a nikto.conf in your nikto install directory? If so are any SKIPPORTS defined?
If you just want to identify web servers you could also just use nmap or amap.
I decided to post to the official nikto-discuss list, I'll let you know what I find out. My quick test results were slightly different than yours.
Dashed ranges appear to be broken, i.e.:
Code:
$ perl nikto.pl -findonly -h host.com -p 80-82
---------------------------------------------------------------------------
- Nikto 2.02/2.03 - cirt.net
+ No HTTP(s) server found on host.com / 80-82
+ 1 host(s) tested
Comma separated ranges seem to work:
Code:
$ perl nikto.pl -findonly -h host.com -p 80,81,82
---------------------------------------------------------------------------
- Nikto 2.02/2.03 - cirt.net
+ Server: http://host.com:80 Microsoft-IIS/6.0
+ No HTTP(s) server found on host.com / 81
+ No HTTP(s) server found on host.com / 82
+ 1 host(s) tested
Single ports seem to work:
Code:
$ perl nikto.pl -findonly -h host.com -p 80
---------------------------------------------------------------------------
- Nikto 2.02/2.03 - cirt.net
+ Server: http://host.com:80 Microsoft-IIS/6.0
+ 1 host(s) tested
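A workaround for the behaviour reported above (dashed ranges failing in Nikto 2.02 while comma separated lists work), as an added example that is not part of the original thread: a POSIX shell helper that expands a range spec into the comma separated form. The function names `expand_ports` and `is_port` and the sample spec are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): expand "80-82,443" into "80,81,82,443"
# so the result can be passed to -p on a Nikto build where dashed ranges fail.

# is_port: succeed only for a plain decimal port in 1..65535.
# Leading zeros are rejected so shell arithmetic never reads them as octal.
is_port() {
    case $1 in
        ''|0*|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# expand_ports SPEC: print the comma separated expansion, or fail on bad input.
expand_ports() {
    rest=$1,
    out=""
    while [ -n "$rest" ]; do
        part=${rest%%,*}          # next item up to the first comma
        rest=${rest#*,}           # remainder after that comma
        case $part in
            *-*) lo=${part%%-*}; hi=${part#*-} ;;
            *)   lo=$part; hi=$part ;;
        esac
        if ! is_port "$lo" || ! is_port "$hi" || [ "$lo" -gt "$hi" ]; then
            echo "bad port spec: '$part'" >&2
            return 1
        fi
        p=$lo
        while [ "$p" -le "$hi" ]; do
            out=${out:+$out,}$p
            p=$((p + 1))
        done
    done
    printf '%s\n' "$out"
}

# Constructed sample spec.
expand_ports "80-82,443"

# Usage with the command from the thread (target is a placeholder):
#   perl ./nikto.pl -findonly -h 10.x.x.x -p "$(expand_ports 80-90)"
```

Malformed items such as `90-80`, `80-` or an empty entry make the function return non-zero instead of handing Nikto a partial list.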
right on.
i'll monitor this thread for a while then. off to amap in the meantime
you rock.
~k
Didn't get any answer on the discuss list, but it seems this was added to their bug tracker a few days ago and has now been fixed; it's slated for the next release.
http://trac2.assembla.com/Nikto_2/ticket/23
squeaky wheel gets the grease, i suspect.
thanks for squeaking.
~k