Kali Linux: nikto cek DVWA
Revision as of 06:13, 4 April 2017 by Onnowpurbo (talk | contribs)
Cek
nikto --host http://192.168.0.100/DVWA-1.9/
Hasil
- Nikto v2.1.6 --------------------------------------------------------------------------- + Target IP: 192.168.0.100 + Target Hostname: 192.168.0.100 + Target Port: 80 + Start Time: 2017-04-04 05:45:21 (GMT7) --------------------------------------------------------------------------- + Server: Apache/2.4.18 (Ubuntu) + The anti-clickjacking X-Frame-Options header is not present. + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type + Cookie PHPSESSID created without the httponly flag + Root page / redirects to: login.php + No CGI Directories found (use '-C all' to force check all possible dirs) + Server leaks inodes via ETags, header found with file /DVWA-1.9/robots.txt, fields: 0x1a 0x52156c6a290c0 + Allowed HTTP Methods: GET, HEAD, POST, OPTIONS + OSVDB-3268: /DVWA-1.9/config/: Directory indexing found. + /DVWA-1.9/config/: Configuration information may be available remotely. + OSVDB-3268: /DVWA-1.9/docs/: Directory indexing found. + /DVWA-1.9/login.php: Admin login page/section found. + 7535 requests: 0 error(s) and 10 item(s) reported on remote host + End Time: 2017-04-04 05:45:40 (GMT7) (19 seconds) --------------------------------------------------------------------------- + 1 host(s) tested
Cek
nikto -C all --host http://192.168.0.100/DVWA-1.9/
Yang menarik
DVWA-1.9/config/