Monday, September 26, 2011


I have been working on a project for my information security class. It requires me to test and gather information on a server before attempting to penetrate it. I have managed to build a good list of information on the server, but I have not managed to penetrate it yet. Of course I'm trying to do this without the use of scripts or applications designed for this server's vulnerabilities, so I'm doing it the hard way, but honestly, did anyone expect anything less of me?

So I'm working though trying to find all the tools I can use to discover all the possible vulnerabilities and I remember nikto. For those who are not familiar with Nikto, it is a web server vulnerability tool, a very vertically aligned form of metasploit (which I wish had student licenses). Nikto 2 has come along way since the last time I looked at it and seems to be very stable. The thing I like most about Nikto is the mutation capability, being able to change what I need to accomplish my goal. This goes beyond just adding parameter tags, to being able to actively get content loaded on the server. It also has a export to metasploit function which enables this to be added to a pen tester's suite of tools. Nice.

Within a few minutes and a good nmap scan I was able to determine a mostly complete range of vulnerabilities on the project server. Of course the hard part is actually utilizing these vulnerabilities and exploiting them, but then again, that what I'm being graded on. Nikto 2 is working flawlessly on my ubuntu server, my Solaris VM, and my OSX laptop (10.7 Lion).