Penetration Testing mailing list archives
nikto problems
From: larsno () gmail com
Date: 9 Nov 2006 09:17:29 -0000
Hey I've been trying to use Nikto on some https servers, and I can't get it to work. All the necessary packets are installed. The strange thing is that it seems to be LW who can't get the response it wants. I get all the SSL certs and even the information in the response seems correct when i try nikto in debug mode. Has enyone else experienced these problems? Here's the output from nikto -debug: nikto.pl -debug -h xxxxxx -p 443 --------------------------------------------------------------------------- - Nikto 1.35/1.36 - www.cirt.net D: - Target id:1:ident:xxxxxxxx:ports_in:443: D: - Request Hash: D: - Connection: Keep-Alive D: - Host: xxxxxx D: - User-Agent: Mozilla/4.75 (Nikto/1.35 ) D: - $whisker->INITIAL_MAGIC: 31337 D: - $whisker->anti_ids: D: - $whisker->force_bodysnatch: 0 D: - $whisker->force_close: 0 D: - $whisker->force_open: 0 D: - $whisker->force_open: 0 D: - $whisker->host: xxxxxx D: - $whisker->http_req_trailer: D: - $whisker->http_ver: 1.1 D: - $whisker->ignore_duplicate_headers: 1 D: - $whisker->include_host_in_uri: 0 D: - $whisker->lowercase_incoming_headers: 1 D: - $whisker->method: HEAD D: - $whisker->method_postfix: D: - $whisker->normalize_incoming_headers: 1 D: - $whisker->port: 443 D: - $whisker->req_spacer: D: - $whisker->req_spacer2: D: - $whisker->retry: 1 D: - $whisker->ssl: 0 D: - $whisker->timeout: 10 D: - $whisker->trailing_slurp: 0 D: - $whisker->uri: / D: - $whisker->uri_param_sep: ? D: - $whisker->uri_postfix: D: - $whisker->uri_prefix: D: - Result Hash: D: - $whisker->INITIAL_MAGIC 31338 D: - $whisker->error Server read timed out D: - $whisker->retry_errors ARRAY(0x1e815b4) D: - $whisker->uri / D: - Request Hash: D: - Connection: Keep-Alive D: - Host: xxxxxxx D: - User-Agent: Mozilla/4.75 (Nikto/1.35 ) D: - $whisker->INITIAL_MAGIC: 31337 D: - $whisker->anti_ids: D: - $whisker->force_bodysnatch: 0 D: - $whisker->force_close: 0 D: - $whisker->force_open: 0 D: - $whisker->host: xxxxxxxx D: - $whisker->http_req_trailer: D: - $whisker->http_ver: 1.1 D: - $whisker->ignore_duplicate_headers: 1 D: - $whisker->include_host_in_uri: 0 D: - $whisker->lowercase_incoming_headers: 1 D: - $whisker->method: HEAD D: - $whisker->method_postfix: D: - $whisker->normalize_incoming_headers: 1 D: - $whisker->port: 443 D: - $whisker->req_spacer: D: - $whisker->req_spacer2: D: - $whisker->retry: 1 D: - $whisker->save_ssl_info: 1 D: - $whisker->ssl: 1 D: - $whisker->timeout: 10 D: - $whisker->trailing_slurp: 0 D: - $whisker->uri: / D: - $whisker->uri_param_sep: ? D: - $whisker->uri_postfix: D: - $whisker->uri_prefix: D: - Result Hash: D: - cache-control no-cache D: - connection close D: - content-length 2024 D: - content-type text/html D: - pragma no-cache D: - $whisker->INITIAL_MAGIC 31338 D: - $whisker->code 403 D: - $whisker->http_resp 403 D: - $whisker->http_resp_message Forbidden ( The server denied the specif ied Uniform Resource Locator (URL). Contact the server administrator. ) D: - $whisker->http_ver 1.1 D: - $whisker->lowercase_incoming_headers 1 D: - $whisker->recv_header_order ARRAY(0x1e81614) D: - $whisker->retry_errors ARRAY(0x1e88c74) D: - $whisker->ssl_cert_issuer /DC=xx/DC=xxxx/DC=local/CN=xxxx D: - $whisker->ssl_cert_subject /C=XX/ST=xxxxx/L=xxxx/O=xx/OU=xxx/CN=xxxxxx D: - $whisker->ssl_cipher RC4-MD5 D: - $whisker->uri / + No HTTP(s) ports found on xxxxxxxx / 443 + 1 host(s) tested Lars ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- nikto problems larsno (Nov 09)
- Re: nikto problems Richard Sammet (Nov 09)
- <Possible follow-ups>
- RE: nikto problems Cory Michal (Nov 09)