Tuesday, May 8, 2007

"Security is a state of being, not a state to be achieved. By testing your configurations, you can find holes that you may have missed."

Distro : Trustix 2.2
Kernel : 2.4.32

Step by step :
root@test /# cd /usr/local/src
root@test src# wget http://search.cpan.org/CPAN/authors/id/F/FL/FLORA/Net_SSLeay.pm-1.30.tar.gz

root@test src# tar -xzvf Net_SSLeay.pm-1.30.tar.gz

root@test src# cd ./Net_SSLeay.pm-1.30

root@test src# perl Makefile.PL

root@test src# make

root@test src# make install

root@test src# wget http://www.cirt.net/nikto/nikto-current.tar.gz

root@test src# tar -xzvf nikto-current.tar.gz

root@test src# wget http://www.wiretrip.net/rfp/libwhisker/LW.pm

root@test src# cp LW.pm ./nikto-1.35/LW.pm

root@test src# mv nikto-1.35/ /usr/local/nikto

root@test src# cd /usr/local/nikto

Test inside :

root@test nikto# perl nikto.pl -h localhost

---------------------------------------------------------------------------
- Nikto 1.35/1.36 - www.cirt.net
+ Target IP: 127.0.0.1
+ Target Hostname: localhost
+ Target Port: 80
+ Start Time: Thu Aug 24 16:56:02 2006
---------------------------------------------------------------------------
Scan is dependent on "Server" string which can be faked, use -g to override
+ Server: Apache/2.0.55 (Trustix Secure Linux/Linux)
+ Allowed HTTP Methods: GET,HEAD,POST,OPTIONS,TRACE
+ HTTP method 'TRACE' is typically only used for debugging. It should be disabled. OSVDB-877.
+ Apache/2.0.55 appears to be outdated (current is at least Apache/2.0.58). Apache 1.3.33 is still maintained and considered secure.
+ /~root - Enumeration of users is possible by requesting ~username (responds with Forbidden for real users, not found for non-existent users) (GET).
+ / - Appears to be a default Apache install. (GET)
+ /icons/ - Directory indexing is enabled, it should only be enabled for specific directories (if required). If indexing is not used, the /icons directory should be removed. (GET)
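
The localhost scan above flags TRACE, ~username enumeration and directory indexing on /icons/. As an added example (not part of the original post), these httpd.conf directives address those three findings; the icons path is a placeholder and the commented "before" lines assume a stock Apache 2.0 configuration, which this distro may lay out differently.

```apache
# Added example: httpd.conf changes for the findings in the localhost scan.
# Assumption: directory paths are placeholders; use the paths from your
# own httpd.conf. Reload Apache and re-run the scan to confirm.

# Finding: "HTTP method 'TRACE' ... should be disabled. OSVDB-877."
# TraceEnable is available from Apache 2.0.55 onward. With it off, the
# server answers TRACE with 405 Method Not Allowed.
TraceEnable off

# Finding: "/~root - Enumeration of users is possible by requesting ~username"
# mod_userdir maps /~name to the user's home directory, and the different
# responses for real and non-existent accounts leak which names exist.
# If per-user web directories are not needed, disable the mapping for everyone:
UserDir disabled
# If they are needed, enable them only for named accounts instead
# ("alice" and "bob" are hypothetical user names):
# UserDir disabled
# UserDir enabled alice bob

# Finding: "/icons/ - Directory indexing is enabled"
# Before (assumed stock default for the icons directory):
#   <Directory "/path/to/apache/icons">
#       Options Indexes MultiViews
#   </Directory>
# After: keep the Alias so mod_autoindex icons still load where indexing
# is wanted elsewhere, but stop listing the directory itself.
<Directory "/path/to/apache/icons">
    Options MultiViews
    AllowOverride None
</Directory>

# The remaining findings are not configuration directives:
#   "appears to be outdated"  -> upgrade the Apache package
#   "default Apache install"  -> replace the default index page and
#                                remove unused sample content
```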

Test Outside :

root@test nikto# perl nikto.pl -h www.google.com

------------------------------------------------------------------------------------------

Nikto 1.35/1.36 - www.cirt.net
+ Target IP: 66.249.89.99
+ Target Hostname: www.google.com
+ Target Port: 80
+ Start Time: Thu Aug 24 16:58:01 2006
------------------------------------------------------------------------------------------
