Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / etc / nikto / nikto.conf

Wrap

Text File | 2005-10-19 | 4KB | 75 lines

# (c) 2001-2005 cirt.net, All Rights Reserved ######################################################################################################### # CONFIG STUFF ######################################################################################################### # default command line options, can't be an option that requires a value. used for ALL runs. # CLIOPTS=-g -a # location of nmap to use with port scanning (rather than Nikto internals) # and any options to pass to it NMAP=/usr/bin/nmap NMAPOPTS= # ports never to scan SKIPPORTS=21 111 # if Nikto is having difficulty finding 'plugins', set the full path here PLUGINDIR=/usr/share/nikto/plugins # the default HTTP version to try... can/will be changed as necessary DEFAULTHTTPVER=1.1 # Nikto can submit updated version strings to CIRT.net. It won't do this w/o permission. You should # send updates because it makes the data better for everyone ;) *NO* server specific information # such as IP or name is sent, just the relevant version information. # UPDATES=yes #-- ask before each submission if it should send # UPDATES=no #-- don't ask, don't send # UPDATES=auto #-- automatically attempt submission *without prompting* UPDATES=yes # Warning if MAX_WARN OK or MOVED responses are retrieved MAX_WARN=20 # Prompt... if set to 'no' you'll never be asked for anything. Good for automation. #PROMPTS=no ######################################################################################################### # PROXY STUFF ######################################################################################################### # PROXYHOST=127.0.0.1 # PROXYPORT=8080 # PROXYUSER=proxyuserid # PROXYPASS=proxypassword ######################################################################################################### # COOKIE STUFF ######################################################################################################### # send a cookie with all requests, helpful if auth cookie is needed #STATIC-COOKIE=cookiename=cookievalue ######################################################################################################### # VARIABLE'S STUFF ######################################################################################################### # User defined values may be added here, which will be used as replacements for values in # the scan_database.db and user_scan_database.db files. They work the same as @CGIDIRS do. # Any values to be replaced must start with the @ character, such as: @CGIDIRS. An example # line would look like (minus the #): # @ADMINDIRS=/admin/ /administrator/ /adm/ # and the corresponding DB entry would look like (minus the #): # "generic","@ADMINDIRS/passwords.txt","200","GET","Got admin?" # @IP and @HOSTNAME are done automagically # Variables currently only work for the requested file portion of a check ######################################################################################################### # this must be defined or just /cgi-bin/ will be tried @CGIDIRS=/cgi.cgi/ /webcgi/ /cgi-914/ /cgi-915/ /bin/ /cgi/ /mpcgi/ /cgi-bin/ /ows-bin/ /cgi-sys/ /cgi-local/ /htbin/ /cgibin/ /cgis/ /scripts/ /cgi-win/ /fcgi-bin/ /cgi-exe/ /cgi-home/ /cgi-perl/ # These are for nikto_mutate.plugin. Each will be substituted with *every* file and path! # This can make for an insane number of checks. @MUTATEDIRS=/....../ /members/ /porn/ /restricted/ /xxx/ @MUTATEFILES=xxx.htm xxx.html porn.htm porn.html # Other variables that can be used in the scan DB @ADMINDIRS=/admin/ /adm/ @USERS=adm bin daemon ftp guest listen lp mysql noaccess nobody nobody4 nuucp operator root smmsp smtp sshd sys test unknown uucp web www @NUKE=/ /postnuke/ /postnuke/html/ /modules/ /phpBB/ /forum/