Scanning a Web Server Using Nikto

Scanning is essential for analysing a web server: it tells us whether the web server we have set up is free of weaknesses or still has plenty of them. This time I am going to try scanning a web server with Nikto.
Nikto is a tool for checking an Apache web server for vulnerabilities, so you can find out where the holes in a web server are. But remember that scanning a server is illegal if you do not have access rights to it.


Let's get straight to it. If you don't have Nikto yet, install it first; I use Ubuntu, so it is installed with:
$ sudo apt-get install nikto

Once it is installed, go to the nikto directory, which is in /usr/bin.
Once there, update its database with: perl nikto -update
With Nikto installed and updated, we can use it with the command
perl nikto -h localhost
(replace localhost with the site you want to scan; I tried scanning www.jatimcrew.com)
and the result is shown below:

---------------------------------------------------------------------------
+ Target IP: 67.220.211.131
+ Target Hostname: jatimcrew.com
+ Target Port: 80
+ Start Time: 2009-07-19 16:42:47
---------------------------------------------------------------------------
+ Server: Apache
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ OSVDB-0: Retrieved X-Powered-By header: PHP/5.2.8
+ OSVDB-0: GET //cgi-sys/formmail.pl : Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
+ OSVDB-0: GET //cgi-sys/guestbook.cgi : May allow attackers to execute commands as the web daemon.
+ OSVDB-0: GET //cgi-sys/Count.cgi : This may allow attackers to execute arbitrary commands on the server
+ OSVDB-3233: GET //mailman/listinfo : Mailman was found on the server.
+ OSVDB-48: GET //doc/ : The /doc/ directory is browsable. This may be /usr/doc.
+ OSVDB-12184: GET //index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 : PHP reveals potentially sensitive information via certain HTTP requests which contain specific QUERY strings.
+ OSVDB-3092: GET //cgi-sys/entropysearch.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET //cgi-sys/FormMail-clone.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET //cgi-sys/mchat.cgi : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET //cgi-sys/scgiwrap : Default CGI, often with a hosting manager of some sort. No known problems, but host managers allow sys admin via web
+ OSVDB-3092: GET //download/ : This might be interesting...
+ OSVDB-3092: GET //forum/ : This might be interesting...
+ OSVDB-3092: GET //home/ : This might be interesting...
+ OSVDB-3092: GET //img-sys/ : Default image directory should not allow directory listing.
+ OSVDB-3092: GET //java-sys/ : Default Java directory should not allow directory listing.
+ OSVDB-3093: GET //forum/viewtopic.php : phpBB found.
+ 3577 items checked: 19 item(s) reported on remote host
+ End Time: 2009-07-19 18:12:18 (5371 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Test Options: -host http://jatimcrew.com/
---------------------------------------------------------------------------
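
As an added example (not part of the original post), here is a small Python parser for the Nikto text report format shown above, which turns the OSVDB finding lines into structured records and maps them onto server-side fixes. The sample report is assembled from lines of the scan output above, and the directives it suggests (TraceEnable, expose_php, Options -Indexes) are Apache/PHP settings I am adding, not Nikto output.

```python
import re

# Sample report assembled from lines of the Nikto scan output shown above (abridged).
SAMPLE_REPORT = """\
+ Server: Apache
- Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
+ OSVDB-877: HTTP method ('Allow' Header): 'TRACE' is typically only used for debugging and should be disabled. This message does not mean it is vulnerable to XST.
+ OSVDB-0: Retrieved X-Powered-By header: PHP/5.2.8
+ OSVDB-48: GET //doc/ : The /doc/ directory is browsable. This may be /usr/doc.
+ OSVDB-3092: GET //img-sys/ : Default image directory should not allow directory listing.
+ 3577 items checked: 19 item(s) reported on remote host
"""

# A finding line is '+ OSVDB-<id>: [<METHOD> <path> : ]<description>'; the
# request part is absent for header-based findings such as OSVDB-877 above.
FINDING_RE = re.compile(r"^\+ OSVDB-(\d+): (?:(GET|HEAD|POST) (\S+) : )?(.*)$")

def parse_findings(report):
    """Return one dict per OSVDB finding; banner and summary lines are skipped."""
    findings = []
    for line in report.splitlines():
        m = FINDING_RE.match(line)
        if m:
            osvdb, method, path, text = m.groups()
            # Nikto prints root-relative paths with a doubled slash ('//doc/').
            path = re.sub(r"^//", "/", path) if path else None
            findings.append({"osvdb": int(osvdb), "method": method, "path": path, "text": text})
    return findings

def allowed_methods(report):
    """Read the method list Nikto echoes from the server's Allow header."""
    for line in report.splitlines():
        if line.startswith("- Allowed HTTP Methods:"):
            return [m.strip() for m in line.split(":", 1)[1].split(",")]
    return []

def triage(report):
    """Map the report onto the server-side fixes a web admin would apply
    (directive names are Apache/PHP settings suggested here, not Nikto output)."""
    actions = []
    if "TRACE" in allowed_methods(report):
        actions.append("disable TRACE (Apache: TraceEnable off)")
    for f in parse_findings(report):
        if "X-Powered-By" in f["text"]:
            actions.append("hide the PHP version (php.ini: expose_php = Off)")
        elif "browsable" in f["text"] or "directory listing" in f["text"]:
            actions.append(f"disable directory listing on {f['path']} (Options -Indexes)")
    return actions
```

Running triage(SAMPLE_REPORT) yields four actions, one each for TRACE, the PHP version header, /doc/ and /img-sys/.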

Use this software and this tutorial wisely.