Description

This plugin is a port of nikto to Python. It uses the scan_database file from nikto to search for new and vulnerable URLs. The following configurable parameters exist:

  • cgi_dirs
  • admin_dirs
  • nuke_dirs
  • extra_db_file
  • mutate_tests

This plugin reads every line in the scan_database (and in extra_db_file) and, based on the configuration (cgi_dirs, admin_dirs, nuke_dirs), sends requests to the remote server looking for common files that may contain vulnerabilities.

Plugin type

Crawl

Options

Name: cgi_dirs
Type: list
Default value: ['/cgi-bin/']
Description: CGI-BIN dirs where to search for vulnerable scripts.
Help: Pykto will search for vulnerable scripts in many places, one of them is inside the cgi-bin directory. The cgi-bin directory can be anything and change from install to install, so it's a good idea to make this a user setting. The directories should be supplied comma separated and with a / at the beginning and one at the end. Example: "/cgi/,/cgibin/,/bin/"

Name: admin_dirs
Type: list
Default value: ['/admin/', '/adm/']
Description: Admin directories where to search for vulnerable scripts.
Help: Pykto will search for vulnerable scripts in many places, one of them is inside administration directories. The admin directory can be anything and change from install to install, so it's a good idea to make this a user setting. The directories should be supplied comma separated and with a / at the beginning and one at the end. Example: "/admin/,/adm/"

Name: nuke_dirs
Type: list
Default value: ['/', '/postnuke/', '/postnuke/html/', '/modules/', '/phpBB/', '/forum/']
Description: PostNuke directories where to search for vulnerable scripts.
Help: The directories should be supplied comma separated and with a forward slash at the beginning and one at the end. Example: "/forum/,/nuke/"

Name: dbFile
Type: input_file
Default value: plugins/crawl/pykto/scan_database.db
Description: The path to the nikto scan_database.db file.
Help: The default scan database file is ok in most cases.

Name: extra_db_file
Type: input_file
Default value: plugins/crawl/pykto/w3af_scan_database.db
Description: The path to the w3af_scan_database.db file.
Help: This is a file which has some extra checks for files that are not present in the nikto database.

Name: mutate_tests
Type: boolean
Default value: False
Description: Test all files with all root directories.
Help: Define if we will test all files with all root directories.
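The following is an added illustration, not the plugin's own code, of how the database lines, the cgi_dirs/admin_dirs/nuke_dirs options and mutate_tests combine into the list of paths a scan requests, and of how much mutate_tests multiplies that list. The @CGIDIRS, @ADMIN and @NUKE placeholder names and the column layout are assumptions about nikto's database format, and the sample lines are constructed.

```python
import csv
import io

# Placeholder names are assumed to follow nikto's database convention
# (@CGIDIRS, @ADMIN, @NUKE); mapping them to the plugin options is an assumption.
VARIABLES = {"@CGIDIRS": "cgi_dirs", "@ADMIN": "admin_dirs", "@NUKE": "nuke_dirs"}

# Defaults as listed in the options table above.
DEFAULT_CONFIG = {
    "cgi_dirs": ["/cgi-bin/"],
    "admin_dirs": ["/admin/", "/adm/"],
    "nuke_dirs": ["/", "/postnuke/", "/postnuke/html/", "/modules/", "/phpBB/", "/forum/"],
    "mutate_tests": False,
}

# Constructed sample lines, not the real scan_database.db. The columns used
# here are id, osvdb, tuning, uri and method; the remaining ones are ignored.
SAMPLE_DB = '''# comment lines are skipped
"000001","0","b","@CGIDIRS","GET","200","","","","","CGI directory found","",""
"000002","0","b","@ADMINlogin.php","GET","200","","","","","Admin login page","",""
"000003","0","b","/robots.txt","GET","200","","","","","robots.txt present","",""
'''

def expand_uri(uri, config):
    """Replace each @VARIABLE in a database URI with every configured directory."""
    expanded = [uri]
    for var, option in VARIABLES.items():
        if var in uri:
            expanded = [u.replace(var, d) for u in expanded for d in config[option]]
    return expanded

def mutate(tests, roots):
    """mutate_tests: pair every file name seen so far with every root directory."""
    files = {(m, p.rsplit("/", 1)[-1]) for m, p in tests if not p.endswith("/")}
    return {(m, root + name) for root in roots for m, name in files}

def build_test_list(db_text, config):
    """Turn database lines into the sorted (method, path) pairs a scan would request."""
    tests = set()
    for row in csv.reader(io.StringIO(db_text)):
        if not row or row[0].startswith("#") or len(row) < 5:
            continue
        uri, method = row[3], row[4]
        tests.update((method, path) for path in expand_uri(uri, config))
    if config.get("mutate_tests"):
        # Assumption: "root directories" means the union of the three dir options.
        roots = [d for opt in ("cgi_dirs", "admin_dirs", "nuke_dirs") for d in config[opt]]
        tests |= mutate(tests, roots)
    return sorted(tests)
```

With the three sample lines the default configuration yields 4 requests, while mutate_tests=True yields 19, which is why enabling it on a large database noticeably lengthens a scan.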

Source

For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code

Dependencies

This plugin has no dependencies.