Linux Memo/Security
をテンプレートにして作成
[
トップ
] [
新規
|
一覧
|
検索
|
最終更新
|
ヘルプ
]
開始行:
*Security [#k2e0964d]
RIGHT:更新日 &lastmod();
**Nikto(ニキト) [#yfddf7c2]
NiktoはWebサーバおよびWebアプリケーションの脆弱性をスキャ...
で、結果をOSVDB([[http://osvdb.org/]])[脆弱性に関するオー...
***インストール [#sd07c331]
[[ここ:http://www.cirt.net/code/nikto.shtml]]からDownload...
$ tar zxvf nikto-current.tar.gz
$ cd nikto-2.00
***実行 [#kaf0cc26]
./nikto.pl -host (host名)
- ***** SSL support not available (see docs for SSL inst...
--------------------------------------------------------...
- Nikto 2.00/2.00 - www.cirt.net
+ Target IP: 192.168.xxx.xxx
+ Target Hostname: xxxxxx
+ Target Port: 80
+ Start Time: 2007-11-17 14:59:37
--------------------------------------------------------...
+ Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9....
- Retrieved X-Powered-By header: PHP/5.2.1
+ /robots.txt - contains 1 'disallow' entry which should...
(added to mutation file lists) (GET).
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
(略)
+ OSVDB-12184: GET /index.php?=PHPB8B5F2A0-3C92-11d3-A3A...
reveals potentially sensitive information via certain HT...
contain specific QUERY strings.
+ 4342 items checked: 17 item(s) found on remote host
+ End Time: 2007-11-17 14:59:49 (12 seconds)
--------------------------------------------------------...
+ 1 host(s) tested
***解析 [#d6f34dde]
OSVDB-12184でのセキュリティの問題はOSVDB([[http://osvdb.o...
''(e.g.)''~
OSVDB-12184 -> /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7...
[対策]php.iniのexpose_php="Off"にする。~
***telnetでport80にアクセス [#x661d2b7]
実際にコマンドレベルでアクセスするといろいろ見える
$ telnet uso5004 80
Trying 192.244.75.246...
Connected to uso5004.
Escape character is '^]'.
OPTIONS * HTTP/1.1
HTTP/1.1 400 Bad Request <==リクエストが*なのでみつから...
Date: Fri, 16 Nov 2007 07:42:14 GMT
Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7d
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
終了行:
*Security [#k2e0964d]
RIGHT:更新日 &lastmod();
**Nikto(ニキト) [#yfddf7c2]
NiktoはWebサーバおよびWebアプリケーションの脆弱性をスキャ...
で、結果をOSVDB([[http://osvdb.org/]])[脆弱性に関するオー...
***インストール [#sd07c331]
[[ここ:http://www.cirt.net/code/nikto.shtml]]からDownload...
$ tar zxvf nikto-current.tar.gz
$ cd nikto-2.00
***実行 [#kaf0cc26]
./nikto.pl -host (host名)
- ***** SSL support not available (see docs for SSL inst...
--------------------------------------------------------...
- Nikto 2.00/2.00 - www.cirt.net
+ Target IP: 192.168.xxx.xxx
+ Target Hostname: xxxxxx
+ Target Port: 80
+ Start Time: 2007-11-17 14:59:37
--------------------------------------------------------...
+ Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9....
- Retrieved X-Powered-By header: PHP/5.2.1
+ /robots.txt - contains 1 'disallow' entry which should...
(added to mutation file lists) (GET).
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS, TRACE
(略)
+ OSVDB-12184: GET /index.php?=PHPB8B5F2A0-3C92-11d3-A3A...
reveals potentially sensitive information via certain HT...
contain specific QUERY strings.
+ 4342 items checked: 17 item(s) found on remote host
+ End Time: 2007-11-17 14:59:49 (12 seconds)
--------------------------------------------------------...
+ 1 host(s) tested
***解析 [#d6f34dde]
OSVDB-12184でのセキュリティの問題はOSVDB([[http://osvdb.o...
''(e.g.)''~
OSVDB-12184 -> /index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7...
[対策]php.iniのexpose_php="Off"にする。~
***telnetでport80にアクセス [#x661d2b7]
実際にコマンドレベルでアクセスするといろいろ見える
$ telnet uso5004 80
Trying 192.244.75.246...
Connected to uso5004.
Escape character is '^]'.
OPTIONS * HTTP/1.1
HTTP/1.1 400 Bad Request <==リクエストが*なのでみつから...
Date: Fri, 16 Nov 2007 07:42:14 GMT
Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.7d
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
ページ名:
![[PukiWiki]](image/../localimages/Atom.gif "[PukiWiki]")
