Closed digininja closed 7 years ago
Not sure what it is matching in the page as there isn't a flood
The check is doing a Sign\sUp
so it seems that 404 is containing this response
It does contain that string, looks like you've found it.
On Tue, 22 Nov 2016 at 15:30 RealRancor notifications@github.com wrote:
Not sure what it is matching in the page as there isn't a flood
The check is doing a Sign\sUp so it seems that 404 is containing this response
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/429#issuecomment-262272081, or mute the thread https://github.com/notifications/unsubscribe-auth/AAHJWbR7gWPB6FSbJRsNpngMar_4qjA2ks5rAwqqgaJpZM4K5kbz .
If you have such custom build 404s on pages (which is probably also the case in #430) then have a look at the -404string command line options of nikto to mark these 404 pages as a 404.
I poked at a bunch of these via inurl, and don't see anything better or more unique to match on, really.
I just got this false positive when scanning a site:
Not sure what it is matching in the page as there isn't a flood of false positives like there can be when the 404 page does something special.