Kali Linux Tutorial: Find Vulnerabilities for Any Website Using Nikto
Kali Linux Tutorial: Find Vulnerabilities for Any Website Using Nikto
In this tutorial i'm going to explain how to Find Vulnerabilities for Any Website Using Nikto
tool in Kali linux, Before attacking any website, it's critical to do good reconnaissance. A few minutes of recon can save you hours on a hack. Simply trying various attacks without first finding which attacks the site is vulnerable is pure foolishness.
Nikto tool is freely available in hacker's Os Kali linux,
Let's start with Kali Linux,
Kali Linux
First off, you need to have
Kali linux (or backtrack) up and running on your machine. Any other Linux distro might work, but you'll need to install Sqlmap on your own.
Now if you don't have Kali Linux installed, you might want to go to this page: An Introduction to Hacker's OS Kali Linux and Installation Tutorial
Nikto
There are a number of tools and applications to find vulnerabilities in websites, but one of the simplest (and one of my favorites) is nikto.
This small and simple tool examines a website and reports back to you the potential vulnerabilities that it found that you could use to exploit or hack the site. In addition, it's one of the most widely used website vulnerabilities tools in the industry and in many circles considered the industry standard.
Although this tool is extremely useful and effective, it is NOT stealthy. Any website with an IDS or other security measures in place will detect that you are scanning it. Originally designed for security testing, it was never meant to be stealthy.
Step 1: Fire Up Kali & Open Nikto
Let's fire up Kali and get started with nikto. Once we have Kali up and running, go to Kali Linux -> Vulnerability Analysis -> Misc Scanners ->nikto, like in the screenshot below.
Although there are many options in using nikto, we will limit ourselves here to the basic syntax, such as this:
nikto -h <IP or hostname>
Step 2: Scan the Web Server
Let's start with a safe web server on our own network. In this case, I have started the http service on another machine on my network. There is not a website hosted by this machine, just the web server. Let's scan it for vulnerabilities by typing:
nikto -h 192.168.1.104
Nikto responds with a lot of information, as you can see below.
First, it tells us the server is Apache 2.2.14, probably on Ubuntu. It nailed this info and gives up more information on other potential vulnerabilities on this web server.
Note near the bottom that it identifies some vulnerabilities with the OSVDB prefix.
This is the Open Source Vulnerability Database. This is a database maintained of known vulnerabilities at www.osvdb.org, in addition to other databases I covered, such as SecurityFocus and Microsoft's Technet.
3: Scan the Site
Let's see what nikto can tell us about this site.
nikto -h webscantest.com
Once again, it identifies the server (Apache) and then proceeds to identify numerous potential vulnerabilities pre-fixed with OSVDB.
We can take a look at that website at www.osvdb.org to learn more about these vulnerabilities.
Now, let's use this site to find information on one of the vulnerabilities identified by nikto as OSVDB-877. We can put that reference number intothe search function and it retrieves the following page.
Note, in lower half of this page there are cross-references to the various information sources about this vulnerability, as well as references to tools and filters such as Nikto, Nessus, and Snort.
Scan Facebook
Finally, lets point nikto at www.facebook.com.
nikto -h facebook.com
As you can see, Facebook is tightly secured with few vulnerabilities. As you can imagine, if Facebook weren't secure, every script-kiddie on the planet would be hacking it to see who his true love is chatting with online.
In this tutorial i'm going to explain how to Find Vulnerabilities for Any Website Using Nikto
tool in Kali linux, Before attacking any website, it's critical to do good reconnaissance. A few minutes of recon can save you hours on a hack. Simply trying various attacks without first finding which attacks the site is vulnerable is pure foolishness.
Nikto tool is freely available in hacker's Os Kali linux,
Let's start with Kali Linux,
Kali Linux
First off, you need to have
Kali linux (or backtrack) up and running on your machine. Any other Linux distro might work, but you'll need to install Sqlmap on your own.
Now if you don't have Kali Linux installed, you might want to go to this page: An Introduction to Hacker's OS Kali Linux and Installation Tutorial
Nikto
There are a number of tools and applications to find vulnerabilities in websites, but one of the simplest (and one of my favorites) is nikto.
This small and simple tool examines a website and reports back to you the potential vulnerabilities that it found that you could use to exploit or hack the site. In addition, it's one of the most widely used website vulnerabilities tools in the industry and in many circles considered the industry standard.
Although this tool is extremely useful and effective, it is NOT stealthy. Any website with an IDS or other security measures in place will detect that you are scanning it. Originally designed for security testing, it was never meant to be stealthy.
Step 1: Fire Up Kali & Open Nikto
Let's fire up Kali and get started with nikto. Once we have Kali up and running, go to Kali Linux -> Vulnerability Analysis -> Misc Scanners ->nikto, like in the screenshot below.
Although there are many options in using nikto, we will limit ourselves here to the basic syntax, such as this:
nikto -h <IP or hostname>
Step 2: Scan the Web Server
Let's start with a safe web server on our own network. In this case, I have started the http service on another machine on my network. There is not a website hosted by this machine, just the web server. Let's scan it for vulnerabilities by typing:
nikto -h 192.168.1.104
Nikto responds with a lot of information, as you can see below.
First, it tells us the server is Apache 2.2.14, probably on Ubuntu. It nailed this info and gives up more information on other potential vulnerabilities on this web server.
Note near the bottom that it identifies some vulnerabilities with the OSVDB prefix.
This is the Open Source Vulnerability Database. This is a database maintained of known vulnerabilities at www.osvdb.org, in addition to other databases I covered, such as SecurityFocus and Microsoft's Technet.
3: Scan the Site
Let's see what nikto can tell us about this site.
nikto -h webscantest.com
Once again, it identifies the server (Apache) and then proceeds to identify numerous potential vulnerabilities pre-fixed with OSVDB.
We can take a look at that website at www.osvdb.org to learn more about these vulnerabilities.
Now, let's use this site to find information on one of the vulnerabilities identified by nikto as OSVDB-877. We can put that reference number intothe search function and it retrieves the following page.
Note, in lower half of this page there are cross-references to the various information sources about this vulnerability, as well as references to tools and filters such as Nikto, Nessus, and Snort.
Scan Facebook
Finally, lets point nikto at www.facebook.com.
nikto -h facebook.com
As you can see, Facebook is tightly secured with few vulnerabilities. As you can imagine, if Facebook weren't secure, every script-kiddie on the planet would be hacking it to see who his true love is chatting with online.
No comments: