How to install and Use Nikto in Linux
By Prempal Singh
What is Nikto
Nikto is web-server scanner which is open source which can be use to scan the server for malicious file and programs. Using NIKTO we can scan HTTP, HTTPS and HTTPD traffics too. NIKTO can be used to outdated version of program also, and at the end of scan it’s generate log file too. To run NIKTO, you don’t have need any other resources, if our server installed Perl.
Download NIKTO
Download package of Nikto from there website https://cirt.net/nikto/nikto-2.1.5.tar.gz
Now extract the package using below command
tar -zxvf nikto-2.1.5.tar.gz
Navigate to the directory where NIKTO is download then
sudo cp -apvf nikto-2.1.5/* /usr/local/bin/
and then
ls -l /usr/local/bin
To make permission and create links
Now we need to create a link for our conf file to /etc/ because nikto look for conf file under /etc/. Then make our nikto script as executable using chmod.
sudo ln -s /usr/local/bin/nikto.conf /etc/nikto.conf
ls -l /etc/nikto.conf
sudo chmod 755 /usr/local/bin/nikto.pl
ls -l /usr/local/bin/nikto.pl
Now Update the NIKTO database
/usr/local/bin/nikto.pl -update
To list the available Plugins for nikto we can use the below command.
nikto.pl -list-plugins
Now Scan For Vulnerabilities
To scan for a website using host name we can use the option -h followed by NIKTO command.
nikto.pl -h www.cyberops.in
Scan for host name using multiple ports
nikto.pl -h www.google.com -p 80,443
While scanning for vulnerabilities we can see the process
nikto.pl -D v -h www.google.com
Here
-D = Display
v = Verbose
-h = Host name
NIKTO provide tuning option to scan only using specific check
Below Options are available for specific scan’s.
0 – File Upload
1 – Interesting File // we will get in logs
2 – Configuration / Default File
3 – Information Disclosure
4 – Injection (XSS/Script/HTML)
5 – Remote File Retrieval – Inside Web Root
6 – Denial of Service // Scan for DDOS
7 – Remote File Retrieval – Server Wide
8 – Command Execution // Remote Shell
9 – SQL Injection // Scan for MySQL vulnerabilities
a – Authentication Bypass
b – Software Identification
c – Remote Source Inclusion
x – Reverse Tuning Options
For example you want to scan Denial of Service and Remote File Retrieval
nikto.pl -Tuning 69 -h www.cyberops.in
Scan and save the result
nikto.pl -Display V -o nikto_scan_result.html -Format html -h 192.168.0.166