.db Files Associated with the nikto_core Plug-in
The
nikto_core
plug-in uses
servers.db
to categorize a target based
on its Server: header. The file contains
categories of web servers and regular expressions that
map to them. To limit testing time and false positives, Nikto uses
the function get_banner()
to retrieve the
Server: banner and then sets the appropriate
server category using the function set_server_cats( )
. The
scan_database.db
file and the optional
user_scan_database.db
file are the driver files for the
main checks launched from nikto_core.plugin and
they share the same syntax. The line syntax is as follows:
[Server category], [URI], [Status Code /Search Text ], [HTTP Method], [Message]
"iis","/","Length Required","SEARCH","WebDAV is installed.\n";
"cern","/.www_acl","200","GET","Contains authorization information"
"generic","/cfdocs/examples/httpclient/mainframeset.cfm","200!not found","GET",
"This might be interesting"The first entry of the first line is the server category—in
this case, iis. Once the category has been
determined, only checks of this type will be run against it, unless
the -generic command-line option is specified. This will reduce total scan time and false positives. The second entry of the first line is the URI requested. The third entry is the text Nikto will look for in the response. If the text is found, the check will register as a vulnerability and will display the appropriate output to the user. You can specify both the status code and ...
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
