WebApp Sec mailing list archives
Getting WISKTO v1.63.2279.18538 working correctly !
From: "cgi phantom" <webapps3c () gmail com>
Date: Mon, 26 Mar 2007 11:24:58 +1000
Hi All,

I know most of us use tools to conduct the initial phases of web app pen-test. One tool which caught my eye was Wikto - Web Server Assessment Tool by the brainy bunch at SensePost. From the SensePost website...

"Wikto is Nikto for Windows - but with a couple of fancy extra features including Fuzzy logic error code checking, a back-end miner, Google assisted directory mining and real time HTTP request/response monitoring. Wikto is coded in C# and requires the .NET framework."

This is a very useful tool and I personally think it's a must in a pen-tester's toolkit. Here are some of the features:

- CGI checker - it uses Nikto (it actually uses Nikto's database)
- Web Server Fingerprinting (via HTTPrint)
- Mirroring, link, and directory detection (HTTrack)
- BackEnd miner
- SSL Support
- Automated google-hacking

The first thing I wanted to do when I installed Wikto was start scanning my targets with Wikto, but first you have to make sure that all the components are up-to-date and a proper configuration is being used. Easier said than done (hence me sending this email to the list).

1. Acquiring the Google API key: You will need a key from Google to have access to the Google API. You are limited to 1000 requests a day. Once you visit http://api.google.com you will see many APIs which Google has. The one that we are interested in (and not mentioned in any of the Wikto reference material) is Google Data Data API (http://code.google.com/apis/base/). Click on the "API Key" under the "Related Links" section, then follow the instructions, click "Sign Me Up", follow the instructions again, click "Continue" and you will see the Google API Key displayed.

2. HTTrack and HTTPrint need to be downloaded from their respective locations and installed. You will need to configure Wikto to where it will use the executable.

3. The entries in the "Update sites" section of Wikto need to be changed since the DBs and schemas don't exist in those locations anymore.

a. With the latest version of Wikto (v1.63.2279.18538), the Nikto DB update is pointing to http://www.cirt.net/nikto/UPDATES/1.34/scan_database.db; this is INCORRECT and needs to be changed to http://www.cirt.net/nikto/UPDATES/1.36/scan_database.db. So do that if you want to get the latest Nikto DB.

b. The location of the GoogleHack DB is also incorrect. Actually, the schema.xml file does not exist anymore in XML format. It is kept up-to-date by Johnny but is sub-sectioned and is in PHP format now. So, I had 2 options here: one, I could have downloaded the individual GHDB and combined and created a new XML schema file (without knowing the original format), or I could just find an older version of the schema.xml file just to get Wikto working, then add updates when I had time. I chose to find an older version. I found one at http://web.archive.org/web/20060112052059/http://johnny.ihackstuff.com/xml/schemal.xml

Yes, there is a June 2006 schema.xml intact and I downloaded it into the Database directory of Wikto and it worked. I will update the schema.xml file later with the latest updates from Johnny's site. But if someone has ALREADY done so, please share!

c. The BackEnd DB updates are not available from SensePost anymore! Can anyone assist? SensePost, do you still update the BackEnd DB files and where can we obtain them from? Or does anyone else have a recent copy of the updated DB?

Ok, so here is a list of some adventures you will have when trying to configure and use Wikto v1.63.2278.18538. If anyone has any tips or anything else in that nature which may be of assistance.

R/
CGI Phantom