Kali Linux: nikto cek DVWA

From OnnoWiki
Revision as of 06:13, 4 April 2017 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search

Cek

nikto --host http://192.168.0.100/DVWA-1.9/

Hasil

- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          192.168.0.100
+ Target Hostname:    192.168.0.100
+ Target Port:        80
+ Start Time:         2017-04-04 05:45:21 (GMT7)
---------------------------------------------------------------------------
+ Server: Apache/2.4.18 (Ubuntu)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Cookie PHPSESSID created without the httponly flag
+ Root page / redirects to: login.php
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server leaks inodes via ETags, header found with file /DVWA-1.9/robots.txt, fields: 0x1a 0x52156c6a290c0 
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS 
+ OSVDB-3268: /DVWA-1.9/config/: Directory indexing found.
+ /DVWA-1.9/config/: Configuration information may be available remotely.
+ OSVDB-3268: /DVWA-1.9/docs/: Directory indexing found.
+ /DVWA-1.9/login.php: Admin login page/section found.
+ 7535 requests: 0 error(s) and 10 item(s) reported on remote host
+ End Time:           2017-04-04 05:45:40 (GMT7) (19 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested


Cek

nikto -C all --host http://192.168.0.100/DVWA-1.9/



Yang menarik

DVWA-1.9/config/