
Mark D. Spivey

"Practical Hacking Techniques and Countermeasures"


Multiple options can be used by stringing the numbers
together, e.g., to enable methods 1 and 5, use -e 15. The
valid options are (use the number preceding each
description):
1 Random URI encoding (non-UTF8)
2 Add directory self-reference /./
3 Premature URL ending
4 Prepend long random string to request
5 Fake parameters to files
6 Tab as request spacer instead of spaces
7 Random case sensitivity
8 Use Windows directory separator instead of /
9 Session splicing
See the LibWhisker source for more information, or http://www.wiretrip.net/
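
A defender's view of the list above, as an added example that is not from the book or from Nikto/LibWhisker: it flags methods 1, 2, 6 and 8 in raw request lines and reduces the path to one canonical form before any signature is compared. How each method looks on the wire is an assumption read from the one-line descriptions, and the function names and sample request lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# RFC 3986 "unreserved" characters never need percent-encoding.
UNRESERVED = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~")
PCT = re.compile(r"%([0-9A-Fa-f]{2})")

def raw_path(request_line):
    """Path part of a raw request line, splitting on spaces or tabs."""
    parts = request_line.split()
    return parts[1].split("?", 1)[0] if len(parts) >= 2 else ""

def evasion_indicators(request_line):
    """Sorted numbers of the evasion methods visible in one request line."""
    hits = set()
    if "\t" in request_line:                      # 6: tab as request spacer
        hits.add(6)
    path = raw_path(request_line)
    if any(chr(int(h, 16)) in UNRESERVED for h in PCT.findall(path)):
        hits.add(1)                               # 1: needless URI encoding
    decoded = unquote(path, encoding="latin-1")   # latin-1 accepts non-UTF8 bytes
    if "/./" in decoded:                          # 2: directory self-reference
        hits.add(2)
    if "\\" in decoded:                           # 8: backslash separator
        hits.add(8)
    return sorted(hits)

def canonical_path(request_line):
    """Decode once, unify separators, drop '.' and empty segments."""
    decoded = unquote(raw_path(request_line), encoding="latin-1").replace("\\", "/")
    return "/" + "/".join(s for s in decoded.split("/") if s not in ("", "."))

# Constructed sample request lines (not captured traffic).
SAMPLES = [
    "GET /cgi-bin/test.cgi HTTP/1.0",
    "GET /cgi-bin/./test.cgi HTTP/1.0",
    "GET\t/%63gi-bin/./sub%5Ctest.cgi\tHTTP/1.0",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(repr(line), evasion_indicators(line), canonical_path(line))
```

Matching signatures against the output of canonical_path rather than the raw request line is what makes these encodings ineffective; the indicator list is useful on its own as an alert that a client is sending requests no ordinary browser produces.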
Chapter 8 (continued)
Tool: Nikto
Syntax:

-findonly
    Use port scan to find valid HTTP and HTTPS ports only, but do not
    perform checks against them.

-Format
    Output format for the file specified with the -output option.
    Valid formats are:
    HTM  HTML output format.
    TXT  Text output format. This is the default if -F is not specified.
    CSV  Comma-Separated Value format.

-generic
    Force full scan rather than trusting the "Server:" identification
    string, as many servers allow this to be changed.

-host
    Target host(s) to check against. This can be an IP address or
    hostname, or a file of IPs or hostnames. If this argument is a
    file, it should be formatted as described below. This is the only
    required option.

-id
    HTTP Authentication use, format is userid:password for authorizing
    Nikto to a Web server realm.

