Install Nikto On Windows 7
As of Nikto version 2.1.5, the included LibWhisker differs (slightly) from the standard LibWhisker 2.5 distribution. For SSL support the Net::SSLeay Perl module must be installed. Windows support for SSL is dependent on the installation package, but is rumored to exist for ActiveState's Perl. Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.
Nikto
Nikto is a vulnerability scanner that scans webservers for thousands of vulnerabilities and other known issues. It is very easy to use and does everything itself, without much instructions. It is included by default in pen testing distros like Kali linux. On other oses/platforms you need to install it manually. Can be downloaded from http://cirt.net/Nikto2.
The website describes nikto as follows
Install nikto on ubuntu
On Ubuntu nikto can be installed directly from synaptic manager.
Nikto is written in perl, so you need to have perl installed to be able to run it.
Install nikto on windows
On windows first install the perl interpreter. It can be downloaded from http://www.activestate.com/activeperl. Its free. Download the installer and install perl.
Next download nikto and extract the contents of the archive into a directory. Now run from the command prompt like this.
The above command actually runs the perl interpreter which loads the nikto.pl source file and runs it with whatever options are provided next to it.
Using Nikto
Lets now use nikto on some webserver and see what kind of things it can do. Lets try a test against a certain php+mysql website that is hosted on apache. The actual urls shall not be shown in the output
The output has lots of useful information. Nikto has detected the following :
1. Webserver
2. XSS vulnerabilitites.
3. Vulnerable web applications like phplist and gallery.
4. Information leaking pages.
Nikto also provides the osvdb numbers of the issues for further analysis. So overall nikto is a very informative tool. The next task for a hacker should be to find out how to exploit one of the so many vulnerabilities found out.
Most of the tests done by nikto are based on set rules or a dictionary. For example nikto has a list of default directories to look for, list of files to look for. So the entire scanning process just enumerates the presence of predefined urls on the http server. Apart from this nikto also looks into the http headers for additional information and also tests get parameters for xss vulnerabilities.
Nikto Plugins
Check the additional options supported by nikto using the help switch as follows
Analysing nikto
To understand how nikto works and discovers vulnerabilities we can analyse it further. Nikto has an option to use an http proxy. So by using a tool that can intercept the http requests and show them in proper format, we can analyse the queries made by nikto. One such tool is burp suite. It has an integrated http proxy. Free ati driver windows 7. It has a free edition that we are going to use.
Download free edition of burp suite from
http://www.portswigger.net/burp/
Burp suite is written in java, so the JRE is needed to run it. On ubuntu it can be installed from synaptic package manager. Start the burp suite and go to proxy tab. The proxy tab has 3 sub tabs namely : intercept, options and history. In the intercept tab turn intercept off. Otherwise burp suite will ask for a confirmation before allowing each request. Then go to the history tab. The history tab will show us all requests that nikto shall be making.
Next we need to tell nikto to use the proxy server. The command to use proxy would be
Here is a screenshot of how the burp suite would show the requests.
Burp suite provides a bunch of information, like the request, response, headers etc.