Kali Linux: nikto cek DVWA

From OnnoWiki
Revision as of 06:14, 4 April 2017 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search

Cek 

nikto --host http://192.168.0.100/DVWA-1.9/
nikto -C all --host http://192.168.0.100/DVWA-1.9/

Hasil 

- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          192.168.0.100
+ Target Hostname:    192.168.0.100
+ Target Port:        80
+ Start Time:         2017-04-04 05:45:21 (GMT7)
---------------------------------------------------------------------------
+ Server: Apache/2.4.18 (Ubuntu)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Cookie PHPSESSID created without the httponly flag
+ Root page / redirects to: login.php
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server leaks inodes via ETags, header found with file /DVWA-1.9/robots.txt, fields: 0x1a 0x52156c6a290c0 
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS 
+ OSVDB-3268: /DVWA-1.9/config/: Directory indexing found.
+ /DVWA-1.9/config/: Configuration information may be available remotely.
+ OSVDB-3268: /DVWA-1.9/docs/: Directory indexing found.
+ /DVWA-1.9/login.php: Admin login page/section found.
+ 7535 requests: 0 error(s) and 10 item(s) reported on remote host
+ End Time:           2017-04-04 05:45:40 (GMT7) (19 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested


Yang menarik 

DVWA-1.9/config/
Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Kali_Linux:_nikto_cek_DVWA&oldid=47475"