<rt id="bn8ez"></rt>
<label id="bn8ez"></label>

  • <span id="bn8ez"></span>

    <label id="bn8ez"><meter id="bn8ez"></meter></label>

    大漠駝鈴

    置身浩瀚的沙漠,方向最為重要,希望此blog能向大漠駝鈴一樣,給我方向和指引。
    Java,Php,Shell,Python,服務(wù)器運(yùn)維,大數(shù)據(jù),SEO, 網(wǎng)站開發(fā)、運(yùn)維,云服務(wù)技術(shù)支持,IM服務(wù)供應(yīng)商, FreeSwitch搭建,技術(shù)支持等. 技術(shù)討論QQ群:428622099
    隨筆 - 238, 文章 - 3, 評(píng)論 - 117, 引用 - 0
    數(shù)據(jù)加載中……

    WEB掃描工具之-Nikto

    Basic Testing

    The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

    perl nikto.pl -h 192.168.0.1

    To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

    perl nikto.pl -h 192.168.0.1 -p 443

    Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

    perl nikto.pl -h https://192.168.0.1:443/

    There is no need to specify that port 443 may be SSL, as Nikto will first test regular HTTP and if that fails, HTTPS. If you are sure it is an SSL server, specifying -s (-ssl) will speed up the test.

    perl nikto.pl -h 192.168.0.1 -p 443 -ssl

    More complex tests can be performed using the -mutate parameter, as detailed later. This can produce extra tests, some of which may be provided with extra parameters through the -mutate-options parameter. For example, using -mutate 3, with or without a file attempts to brute force usernames if the web server allows ~user URIs:

    perl nikto.pl -h 192.168.0.1 -mutate 3 -mutate-options user-list.txt

    Multiple Port Testing

    Nikto can scan multiple ports in the same scanning session. To test more than one port on the same host, specify the list of ports in the -p (-port) option. Ports can be specified as a range (i.e., 80-90), or as a comma-delimited list, (i.e., 80,88,90). This will scan the host on ports 80, 88 and 443.

    perl nikto.pl -h 192.168.0.1 -p 80,88,443

    Multiple Host Testing

    Nikto support scanning multiple hosts in the same session via a text file of host names or IPs. Instead of giving a host name or IP for the -h (-host) option, a file name can be given. A file of hosts must be formatted as one host per line, with the port number(s) at the end of each line. Ports can be separated from the host and other ports via a colon or a comma. If no port is specified, port 80 is assumed.

    This is an example of a valid hosts file:

    Example 3.1. Valid Hosts File

    192.168.0.1:80
    http://192.168.0.1:8080/
    192.168.0.3


    A host file may also be an nmap output in "greppable" format (i.e. from the output from -oG).

    A file may be passed to Nikto through stdout/stdin using a "-" as the filename. For example:

    nmap -p80 192.168.0.0/24 -oG - | nikto.pl -h -

    Using a Proxy

    If the machine running Nikto only has access to the target host (or update server) via an HTTP proxy, the test can still be performed. Set the PROXY* variables (as described in section 4), then execute Nikto with the -u (-useproxy) command. All connections will be relayed through the HTTP proxy specified in the configuration file.

    perl nikto.pl -h 192.168.0.1 -p 80 -u

    Updating

    Nikto can be automatically updated, assuming you have Internet connectivity from the host Nikto is installed on. To update to the latest plugins and databases, simply run Nikto with the -update command.


    perl nikto.pl -update

    If updates are required, you will see a list of the files downloaded:

     perl nikto.pl -update
    + Retrieving 'nikto_core.plugin'
    + Retrieving 'CHANGES.txt'

    posted on 2010-03-17 16:22 草原上的駱駝 閱讀(1034) 評(píng)論(0)  編輯  收藏 所屬分類: Linux

    主站蜘蛛池模板: 在线观看www日本免费网站| 久久嫩草影院免费看夜色| 69堂人成无码免费视频果冻传媒| 亚洲精品无码不卡在线播放HE| 一区二区三区免费视频观看| 亚洲精品久久久www| 2022免费国产精品福利在线| 亚洲一区二区三区乱码A| 久久免费国产精品| 亚洲∧v久久久无码精品| 57pao国产成视频免费播放| 亚洲色图.com| 国产成人免费高清激情视频| 亚洲精品中文字幕无码A片老| 四虎永久精品免费观看| 一个人看的免费视频www在线高清动漫 | 亚美影视免费在线观看| 国产亚洲人成A在线V网站 | 国产精品免费久久久久影院| 亚洲日韩精品射精日| 久久久高清日本道免费观看| 精品日韩亚洲AV无码| 久久久久久国产精品免费免费| 在线观看国产一区亚洲bd| 色噜噜AV亚洲色一区二区| 免费毛片a线观看| 国产精品亚洲片夜色在线| www国产亚洲精品久久久| 久久免费视频网站| 亚洲中文字幕无码中文字| 亚洲精品麻豆av| 1000部羞羞禁止免费观看视频 | 亚洲制服丝袜精品久久| 四虎国产精品免费视| 3344在线看片免费| 亚洲第一男人天堂| 国产AV无码专区亚洲AV漫画| 69国产精品视频免费| 特级aa**毛片免费观看| 亚洲欧洲日韩国产综合在线二区| 大学生一级特黄的免费大片视频|