<rt id="bn8ez"></rt>
<label id="bn8ez"></label>

  • <span id="bn8ez"></span>

    <label id="bn8ez"><meter id="bn8ez"></meter></label>

    大漠駝鈴

    置身浩瀚的沙漠,方向最為重要,希望此blog能向大漠駝鈴一樣,給我方向和指引。
    Java,Php,Shell,Python,服務(wù)器運(yùn)維,大數(shù)據(jù),SEO, 網(wǎng)站開發(fā)、運(yùn)維,云服務(wù)技術(shù)支持,IM服務(wù)供應(yīng)商, FreeSwitch搭建,技術(shù)支持等. 技術(shù)討論QQ群:428622099
    隨筆 - 238, 文章 - 3, 評(píng)論 - 117, 引用 - 0
    數(shù)據(jù)加載中……

    WEB掃描工具之-Nikto

    Basic Testing

    The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:

    perl nikto.pl -h 192.168.0.1

    To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:

    perl nikto.pl -h 192.168.0.1 -p 443

    Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

    perl nikto.pl -h https://192.168.0.1:443/

    There is no need to specify that port 443 may be SSL, as Nikto will first test regular HTTP and if that fails, HTTPS. If you are sure it is an SSL server, specifying -s (-ssl) will speed up the test.

    perl nikto.pl -h 192.168.0.1 -p 443 -ssl

    More complex tests can be performed using the -mutate parameter, as detailed later. This can produce extra tests, some of which may be provided with extra parameters through the -mutate-options parameter. For example, using -mutate 3, with or without a file attempts to brute force usernames if the web server allows ~user URIs:

    perl nikto.pl -h 192.168.0.1 -mutate 3 -mutate-options user-list.txt

    Multiple Port Testing

    Nikto can scan multiple ports in the same scanning session. To test more than one port on the same host, specify the list of ports in the -p (-port) option. Ports can be specified as a range (i.e., 80-90), or as a comma-delimited list, (i.e., 80,88,90). This will scan the host on ports 80, 88 and 443.

    perl nikto.pl -h 192.168.0.1 -p 80,88,443

    Multiple Host Testing

    Nikto support scanning multiple hosts in the same session via a text file of host names or IPs. Instead of giving a host name or IP for the -h (-host) option, a file name can be given. A file of hosts must be formatted as one host per line, with the port number(s) at the end of each line. Ports can be separated from the host and other ports via a colon or a comma. If no port is specified, port 80 is assumed.

    This is an example of a valid hosts file:

    Example 3.1. Valid Hosts File

    192.168.0.1:80
    http://192.168.0.1:8080/
    192.168.0.3


    A host file may also be an nmap output in "greppable" format (i.e. from the output from -oG).

    A file may be passed to Nikto through stdout/stdin using a "-" as the filename. For example:

    nmap -p80 192.168.0.0/24 -oG - | nikto.pl -h -

    Using a Proxy

    If the machine running Nikto only has access to the target host (or update server) via an HTTP proxy, the test can still be performed. Set the PROXY* variables (as described in section 4), then execute Nikto with the -u (-useproxy) command. All connections will be relayed through the HTTP proxy specified in the configuration file.

    perl nikto.pl -h 192.168.0.1 -p 80 -u

    Updating

    Nikto can be automatically updated, assuming you have Internet connectivity from the host Nikto is installed on. To update to the latest plugins and databases, simply run Nikto with the -update command.


    perl nikto.pl -update

    If updates are required, you will see a list of the files downloaded:

     perl nikto.pl -update
    + Retrieving 'nikto_core.plugin'
    + Retrieving 'CHANGES.txt'

    posted on 2010-03-17 16:22 草原上的駱駝 閱讀(1034) 評(píng)論(0)  編輯  收藏 所屬分類: Linux

    主站蜘蛛池模板: 免费精品国产自产拍在线观看 | 777亚洲精品乱码久久久久久| 午夜亚洲乱码伦小说区69堂| 成人免费无毒在线观看网站| 亚洲国产精品久久丫| 亚洲一级毛片免费看| 亚洲妓女综合网99| 97碰公开在线观看免费视频| 久久久久se色偷偷亚洲精品av| 麻豆最新国产剧情AV原创免费| 亚洲一区二区三区四区视频| 大地资源二在线观看免费高清| 亚洲a视频在线观看| 性色av无码免费一区二区三区| 伊人久久亚洲综合影院首页| 在线观看成人免费视频| 久久亚洲精品11p| 亚洲AV中文无码乱人伦在线视色| 阿v视频免费在线观看| 亚洲综合色成在线播放| 国产拍拍拍无码视频免费| 亚洲av日韩综合一区在线观看| 91成人免费观看| 亚洲天堂男人影院| 国产公开免费人成视频| 一级黄色免费网站| 亚洲国产精品无码专区影院| 亚洲免费二区三区| 亚洲av无码专区国产不乱码| 国产亚洲精aa成人网站| 免费视频成人片在线观看| 久久亚洲精品国产精品婷婷| 国产乱色精品成人免费视频| 免费高清国产视频| 国产色在线|亚洲| 成人伊人亚洲人综合网站222| 花蝴蝶免费视频在线观看高清版| 亚洲国产成人va在线观看网址| 国产在线观看www鲁啊鲁免费| 美女视频黄a视频全免费网站色窝| 亚洲a视频在线观看|