How to Install and Use Nikto Web Scanner on Ubuntu 18.04

Hello folks, today we are going to learn how to install and use Nikto web scanner on Ubuntu 18.04 server.

Nikto is a Perl-based open-source web vulnerability scanner that can uncover a wide range of potential threats on your web server, including but not limited to:

  • Insecure files and programs
  • Outdated servers and programs
  • Server and software misconfigurations
  • Default files and programs

Nikto can run on almost any operating system with a Perl interpreter installed. It supports SSL, proxies, host authentication, attack encoding, IDS evasion, etc.

You may also want to check our previous tutorials on Nessus, OpenVAS, ClamAV.

Without much theory, let us quickly have a look at how to install and use Nikto.

Install and Use Nikto Web Scanner on Ubuntu 18.04

Install Nikto on Ubuntu 18.04

Installation of nikto on Ubuntu 18.04 is pretty straightforward as the package is available in the default repositories. Thus, run the commands below to install nikto.

Update your package repos and upgrade your server;

# apt-get update
# apt-get upgrade

Install nikto.

Perl is already installed on Ubuntu 18.04. Therefore, the command below will install nikto and all the required dependencies.

# apt-get install nikto -y

Once the installation is done, nikto is ready to perform its magic. Wait and see.

Basic Usage of Nikto

The basic nikto command line syntax is:

nikto [options...]

When run without any command line options, it shows a basic description of the various command options:

# nikto 
- Nikto v2.1.5
---------------------------------------------------------------------------
+ ERROR: No host specified

       -config+            Use this config file
       -Display+           Turn on/off display outputs
       -dbcheck            check database and other key files for syntax errors
       -Format+            save file (-o) format
       -Help               Extended help information
       -host+              target host
       -id+                Host authentication to use, format is id:pass or id:pass:realm
       -list-plugins       List all available plugins
       -output+            Write output to this file
       -nossl              Disables using SSL
       -no404              Disables 404 checks
       -Plugins+           List of plugins to run (default: ALL)
       -port+              Port to use (default 80)
       -root+              Prepend root value to all requests, format is /directory 
       -ssl                Force ssl mode on port
       -Tuning+            Scan tuning
       -timeout+           Timeout for requests (default 10 seconds)
       -update             Update databases and plugins from CIRT.net
       -Version            Print plugin and database versions
       -vhost+             Virtual host (for Host header)
   		+ requires a value

	Note: This is the short help output. Use -H for full help text.

If you want to see more details about the options above, run the command below;

# nikto -H

Launching Nikto Web Scan

In this section, we are going to see how Nikto is used with various command line options shown above to perform web scanning.

In its basic form, Nikto requires just a host to scan. The target host can be specified with the -h or -host option, e.g. to scan a web server whose IP address is 192.168.43.154, run Nikto as follows:

# nikto -host 192.168.43.154
- Nikto v2.1.5
---------------------------------------------------------------------------
+ Target IP:          192.168.43.154
+ Target Hostname:    test.com
+ Target Port:        80
+ Start Time:         2018-11-01 18:01:35 (GMT3)
---------------------------------------------------------------------------
+ Server: Apache/2.4.29 (Ubuntu)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Cookie PHPSESSID created without the httponly flag
+ Root page / redirects to: login.php
+ Server leaks inodes via ETags, header found with file /robots.txt, fields: 0x1a 0x5797709ba2009 
+ File/dir '/' in robots.txt returned a non-forbidden or redirect HTTP code (302)
+ "robots.txt" contains 1 entry which should be manually viewed.
+ OSVDB-3268: /config/: Directory indexing found.
+ /config/: Configuration information may be available remotely.
+ OSVDB-3268: /docs/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /login.php: Admin login page/section found.
+ OSVDB-3092: /.git/index: Git Index file may contain directory listing information.
+ 6545 items checked: 0 error(s) and 11 item(s) reported on remote host
+ End Time:           2018-11-01 18:01:48 (GMT3) (13 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

As you can see from the output, when the target host is specified without a port, nikto scans port 80 by default. However, if your web server is running on a different port, you have to specify the port using the -p or -port option. See example below;

# nikto -h 192.168.43.154 -p 8080
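
To act on a report like the one shown above for 192.168.43.154, the following added example (not part of the original tutorial or of Nikto itself) parses the "+ " finding lines and maps each one to a hardening step. The names triage, RULES, FINDING and SKIP are hypothetical, and the suggested fixes assume the Apache and PHP stack that the sample output reports.

```python
import re

# Constructed sample: a subset of the finding lines from the scan output above.
SAMPLE_REPORT = """\
+ Server: Apache/2.4.29 (Ubuntu)
+ The anti-clickjacking X-Frame-Options header is not present.
+ Cookie PHPSESSID created without the httponly flag
+ OSVDB-3268: /config/: Directory indexing found.
+ OSVDB-3233: /icons/README: Apache default file found.
+ /login.php: Admin login page/section found.
+ OSVDB-3092: /.git/index: Git Index file may contain directory listing information.
+ 6545 items checked: 0 error(s) and 11 item(s) reported on remote host
"""

# (pattern, category, hardening step); steps assume the Apache/PHP stack in the sample.
RULES = [
    (r"X-Frame-Options header is not present", "missing-header",
     'Header always set X-Frame-Options "SAMEORIGIN"'),
    (r"without the httponly flag", "cookie-flag", "session.cookie_httponly = 1"),
    (r"Directory indexing found", "dir-listing", "Options -Indexes"),
    (r"/\.git/", "exposed-vcs", "block /.git or keep it out of the docroot"),
    (r"default file found", "default-file", "remove default content"),
]
# Layout of a finding line: "+ [OSVDB-n: ][/path: ]message"
FINDING = re.compile(r"^\+ (?:(OSVDB-\d+): )?(?:(/\S*): )?(.*)$")
# Banner, timing and summary lines are not findings.
SKIP = re.compile(r"^\+ (Server:|Target |Start Time|End Time|\d+ (items|host))")

def triage(report):
    """Return one dict per finding line: id, path, category, fix, text."""
    results = []
    for line in report.splitlines():
        line = line.rstrip()
        if not line.startswith("+ ") or SKIP.match(line):
            continue
        osvdb, path, text = FINDING.match(line).groups()
        category, fix = "review", "manual review"
        for pattern, cat, step in RULES:
            if re.search(pattern, line):
                category, fix = cat, step
                break
        results.append({"id": osvdb, "path": path, "category": category,
                        "fix": fix, "text": text})
    return results

if __name__ == "__main__":
    for f in triage(SAMPLE_REPORT):
        print(f"{f['category']:<15}{f['path'] or '-':<15}{f['fix']}")
```

Findings that match no rule, such as the /login.php entry, come back with the category "review" so they are not silently dropped.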
