Nikto part I

One of the well-known programs for scanning servers is nikto ( cirt.net ). Below, the author tries to give an example of using it to scan a web server. By the way, apologies to the owner of the server: I was only playing around and did not damage your system, and if there are other intruders on your system I am not involved in that at all ^_^.

1. The most basic nikto scan

root@bt:/pentest/web/nikto# perl nikto.pl -h jehz.com.my
- Nikto v2.1.4
---------------------------------------------------------------------------
+ Target IP: 204.45.108.42
+ Target Hostname: jehz.com.my
+ Target Port: 80
+ Start Time: 2011-08-02 21:19:39
---------------------------------------------------------------------------
+ Server: Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
+ Root page / redirects to: http://jehz.com.my/cgi-sys/suspendedpage.cgi
+ mod_ssl/2.2.19 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ Number of sections in the version string differ from those in the database, the server reports: openssl/0.9.8e-fips-rhel5 while the database has: 1.0.0.100. This may cause false positives.
+ OpenSSL/0.9.8e-fips-rhel5 appears to be outdated (current is at least 1.0.0d). OpenSSL 0.9.8r is also current.
+ FrontPage/5.0.2.2635 appears to be outdated (current is at least 5.0.4.3) (may depend on server version)
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ FrontPage - http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html
+ mod_ssl/2.2.19 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell (difficult to exploit). CVE-2002-0082, OSVDB-756.
+ /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities, including file access, information disclosure and email abuse. FormMail access should be restricted as much as possible or a more secure solution found.
+ /cgi-sys/guestbook.cgi: May allow attackers to execute commands as the web daemon.
+ OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
--- cut ---

From the output above, it can be seen that the target has several bugs, and there are more further down.

2. Scanning a target on a specific port

root@bt:/pentest/web/nikto# perl nikto.pl -h 204.45.108.42 -p 443

- Nikto v2.1.4
---------------------------------------------------------------------------
+ Target IP: 204.45.108.42
+ Target Hostname: bliss.theservergroup.info
+ Target Port: 443
+ Start Time: 2011-08-02 22:33:56
---------------------------------------------------------------------------
+ Server: Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635

3. Scanning several specific ports:

root@bt:/pentest/web/nikto# perl nikto.pl -h 204.45.108.42 -p 80,88,443,22,21

- Nikto v2.1.4
---------------------------------------------------------------------------
+ No web server found on bliss.theservergroup.info:88
---------------------------------------------------------------------------
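
Added example (not part of the original post and not Nikto's own code): a small Python parser for the plain-text output format shown above. It separates findings inferred only from the Server version banner, which the output itself marks with "may depend on server version" and "This may cause false positives", from findings tied to a specific path. The sample lines, the 192.0.2.10 / example.test target and the name parse_nikto are constructed for illustration.

```python
import re

# Constructed sample in the line format of the Nikto 2.1.4 output above.
SAMPLE = """\
- Nikto v2.1.4
---------------------------------------------------------------------------
+ Target IP: 192.0.2.10
+ Target Hostname: example.test
+ Target Port: 80
+ Server: Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8e-fips-rhel5
+ mod_ssl/2.2.19 appears to be outdated (current is at least 2.8.31) (may depend on server version)
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ /cgi-sys/formmail.pl: Many versions of FormMail have remote vulnerabilities.
+ OSVDB-27071: /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS).
+ No web server found on example.test:88
"""

META = re.compile(r"^\+ (Target IP|Target Hostname|Target Port|Start Time|Server):\s*(.*)$")
REFS = re.compile(r"\b(?:OSVDB-\d+|CVE-\d{4}-\d+)\b")
# Path findings look like "+ [OSVDB-n: ]/uri: message"; the URI may contain ':'.
URI = re.compile(r"^\+ (?:OSVDB-\d+: )?(/\S*): ")

def parse_nikto(text):
    """Return (target metadata, list of classified findings)."""
    target, findings = {}, []
    for line in map(str.strip, text.splitlines()):
        if not line.startswith("+ "):
            continue  # version line, separator rows, blank lines
        meta = META.match(line)
        if meta:
            target[meta.group(1)] = meta.group(2)
            continue
        body, uri = line[2:], URI.match(line)
        if body.startswith("No web server found"):
            kind = "no-server"        # port was probed but speaks no HTTP
        elif "appears to be outdated" in body:
            kind = "version-banner"   # inferred from Server header: confirm real patch level
        elif uri:
            kind = "path"             # tied to a concrete URL: check whether it exists
        else:
            kind = "other"
        findings.append({"kind": kind, "path": uri.group(1) if uri else None,
                         "refs": REFS.findall(body), "text": body})
    return target, findings

if __name__ == "__main__":
    tgt, found = parse_nikto(SAMPLE)
    print(tgt.get("Target Hostname"), tgt.get("Target Port"))
    for f in found:
        print(f["kind"], f["path"] or "-", ",".join(f["refs"]) or "-")
```

On distribution-patched servers such as the RHEL5 OpenSSL build in the scan above, the version-banner group is the one most likely to contain false positives, because fixes are backported without changing the upstream version string.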

Hehe, that's all for now; combining it with other tools can wait until later.... besides, while people are doing tadarus (Qur'an recitation) here I am looking around at things that aren't mine... it might end up spoiling my fast ^_^.
