nikto官方文档:https://cirt.net/nikto2-docs/
一、nikto基本的使用
1.扫描一个主机
nikto -h 104.192.80.196
2.扫描指定端口
nikto -h 104.192.80.196 -p 80
3.使用完整的url进行扫描
nikto -h https://104.192.80.196:443/
4.保存结果
nikto -h 104.192.80.196 -p 80 -o result.html
扫描结果如下:
5.扫描https时指定ssl
nikto -h 104.192.80.196 -p 443 -ssl
6.同时扫描多个端口
nikto -h 104.192.80.196 -p 80,443,8080
7.同时扫描多个主机
创建一个主机列表文件 hostlist.txt :
104.192.80.196 https://www.baidu.com:443/ www.163.com www.cnblogs.com
然后使用nikto扫描:
nikto -h hostlist.txt
8.将nmap扫到的结果直接给nikto
nmap -p80 192.168.4.0/24 -oG - | nikto -h - -o net192.html
结果:
Nikto v2.1.6 --------------------------------------------------------------------------- + nmap Input Queued: 17WiFi.lan:80 + Target IP: 192.168.4.1 + Target Hostname: 17WiFi.lan + Target Port: 80 + Start Time: 2020-04-16 04:06:42 (GMT-4) --------------------------------------------------------------------------- + Server: nginx/1.15.2 + The anti-clickjacking X-Frame-Options header is not present. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type + Root page / redirects to: /local/auth + No CGI Directories found (use '-C all' to force check all possible dirs) + 7785 requests: 0 error(s) and 3 item(s) reported on remote host + End Time: 2020-04-16 04:07:15 (GMT-4) (33 seconds) --------------------------------------------------------------------------- + 1 host(s) tested
可以看到,整个网段中,只有192.168.4.1主机开了80端口。nikto接受到这个主机IP和端口,进行了进一步的扫描,发现了使用的服务器版本以及一些漏洞。
二、nikto的一些操作
1.nikto版本升级
root@kali:~# nikto -update -update is deprecated in git versions of Nikto; please pull directly from git. + No updates required. + CIRT.net message: You should update via git and not use -update
使用-update进行升级被告知以作废,要求我们通过git下载进行更新。
2.nikto扫描过程中的快捷键
在nikto扫描过程中,我们可以输入一下按键来进行相应的操作:
SPACE - Report current scan status # 报告当前扫描状态 v - Turn verbose mode on/off # 可以看到更多信息 d - Turn debug mode on/off # 开启和关闭debug模式 e - Turn error reporting on/off # 开启或关闭error报告 p - Turn progress reporting on/off # 开启或关闭进展报告 q - Quit # 结束扫描 N - Next host # 下一个主机 P - Pause # 暂停
====