Friday 23 March 2018

Using NIKTO through a proxy

***Using Nikto through a HTTP proxy bound with SSL***


Scenario:

Address to scan (host) is: 127.0.0.1:10443
Through the proxy (useproxy): 10.11.1.252:8888

Our command would look like...
perl /usr/bin/nikto  -host https://127.0.0.1:10443 -useproxy http://10.11.1.252:8888


This will fail because there is a known issue with the SSL auto function in the /etc/nikto.conf file


First edit: /etc/nikto.conf

edit line 79

From:
LW_SSL_ENGINE=auto

To:
LW_SSL_ENGINE=SSLeay




Tuesday 20 February 2018

Cheetsheet - Image File Extraction

Extracting Data from Images Cheat sheet

Use Binwalk to view the content of a file

# binwalk


Extract everythign from the file

#binwalk -ME

Search for hidden data

steghide extract -sF filename