Open Towky opened 5 years ago
So the problem here is that the website isn't returning a sensible HTTP(s) result:
V:Fri Jan 11 04:23:31 2019 - Checking for HTTPS on port 10.0.0.90:443, using HEAD
V:Fri Jan 11 04:23:31 2019 - for HEAD:
V:Fri Jan 11 04:23:31 2019 - Checking for HTTP on port 10.0.0.90:443, using HEAD
V:Fri Jan 11 04:23:31 2019 - for HEAD:
V:Fri Jan 11 04:23:31 2019 - Checking for HTTPS on port 10.0.0.90:443, using GET
V:Fri Jan 11 04:23:31 2019 - for GET:
V:Fri Jan 11 04:23:31 2019 - Checking for HTTP on port 10.0.0.90:443, using GET
V:Fri Jan 11 04:23:31 2019 - for GET:
This could be for a few reasons; SNI may be required, the server may be detecting depending on User-Agent, or it could be a bug.
So the first thing I'd try is changing the user-agent, by using: nikto.pl -Option USERAGENT=Mozilla -url https://10.0.0.90/9999/
If that doesn't work, could you try and add -D D to the command line which will dump the request and response hash; this may reveal the real error message.
I second this. I found that Nikto had a similar error and despite changing the user agent the issue still persists.
I am having this same issue. Using Nikto 2.1.6. The tool works fine on one server, but this issue on a different server. Same versions of Nikto.
If I remember correctly, the web application I was testing in my post above had no default virtual host listening on all incoming hostnames.
root@kali:~# nikto -host https://10.0.0.90/9999/ -vhost host.domain.de
- Nikto v2.1.6
---------------------------------------------------------------------------
+ No web server found on 10.0.0.90:443
---------------------------------------------------------------------------
+ 0 host(s) tested
We also had trouble getting our load balancer running in this configuration, so we had to change it. So I can't test it at the moment.
@bigj75024 Are you using the "-vhost" Flag?
Okay, I tested the issue in my test environment and I can confirm the error occurs if I run nikto with the -vhost option against an https web service running on IIS 8.5 if there is no default https listener.
If I create a default listener for https on port 443 everything works fine.
Edit: unencrypted http (port 80) works fine even without a default listener. Maybe it has something to do with the different reply from the web server if there is no default listener.
root@kali:~# curl -I http://10.0.100.166/
HTTP/1.1 404 Not Found
Content-Length: 315
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 10 Oct 2019 08:24:52 GMT
Connection: close
root@kali:~# curl -I https://10.0.100.166/ --insecure
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 10.0.100.166:443
Edit2: After a few tests it seems it could also have something to do with SNI (Server Name Indication). If I remove the SNI option, it works even with no default vhost.
It seems the (IIS) web server has to have at least one https listener without SNI.
root@kali:~# curl -I https://10.0.100.166/ --insecure
HTTP/1.1 404 Not Found
Content-Length: 315
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 10 Oct 2019 10:06:41 GMT
Connection: close
root@kali:~# curl -I http://10.0.100.166/
HTTP/1.1 404 Not Found
Content-Length: 315
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 10 Oct 2019 10:08:26 GMT
Connection: close
Thank you for the reply. I was able to resolve my issue last night by modifying the minprotocol value in the config file for openssl to negotiate TLS1 instead of TLS1.2.
Thanks again!
@bigj75024
Appreciate your reply, it saved my life. For others, this may help: https://stackoverflow.com/questions/53058362/openssl-v1-1-1-ssl-choose-client-version-unsupported-protocol
Glad I could help.
This is good info, thanks. I wonder how we can do this in the config and pass through? I'll have to do some reading.
vhost has to be before host, try
root@kali:~# nikto -vhost host.domain.de -host https://10.0.0.90/9999/
I'm a Windows user, and when I ran it as administrator it worked fine.
I was getting the "No web server found on 10.11.1.237:443" message as well; however, curl also did not work.
curl: (35) error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small
I resolved this by editing the following in /etc/ssl/openssl.cnf
[system_default_sect]
MinProtocol = TLSv1.1
CipherString = DEFAULT@SECLEVEL=1
Hopefully this helps someone else who stumbles across this post.
Disclaimer: I am working in a lab environment with VMs. Not a suggested fix for your normal OS.
In my own case (on Kali Linux) I had to install SSL support for Perl as follows:
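To tell the two causes reported in this thread apart (a listener that requires SNI versus a local OpenSSL policy that is too strict for the server), the following added example, which is not code from the thread or from Nikto, runs one handshake per combination and relaxes the policy for a single connection instead of system-wide. The function names are hypothetical; the IP and vhost in the demo are the lab values quoted in the thread.

```python
import socket
import ssl

def make_context(relaxed):
    """TLS client context with certificate checks off (lab target, internal PKI).

    relaxed=True applies MinProtocol=TLSv1 and DEFAULT@SECLEVEL=1 to this
    context only, instead of editing /etc/ssl/openssl.cnf system-wide.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    if relaxed:
        ctx.minimum_version = ssl.TLSVersion.TLSv1
        ctx.set_ciphers("DEFAULT@SECLEVEL=1")
    return ctx

def probe(ip, port, sni, relaxed, timeout=5.0):
    """One handshake attempt; returns 'ok <version>' or 'fail <exception name>'."""
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw:
            ctx = make_context(relaxed)
            with ctx.wrap_socket(raw, server_hostname=sni) as tls:
                return "ok " + str(tls.version())
    except (OSError, ValueError) as exc:  # ssl.SSLError is an OSError
        return "fail " + type(exc).__name__

def matrix(ip, port, vhost):
    """Try every (SNI sent?, relaxed policy?) combination against ip:port."""
    return {(bool(sni), relaxed): probe(ip, port, sni, relaxed)
            for sni in (None, vhost) for relaxed in (False, True)}

def diagnose(results):
    """Map the matrix onto the two causes reported in this thread."""
    ok = {key for key, outcome in results.items() if outcome.startswith("ok")}
    if not ok:
        return ["no handshake in any mode: not explained by SNI or local policy"]
    findings = []
    if all(sni for sni, _ in ok):
        findings.append("server only completes the handshake when SNI is sent")
    if all(relaxed for _, relaxed in ok):
        findings.append("local OpenSSL policy rejects the server's protocol or key size")
    return findings or ["default client settings work"]

if __name__ == "__main__":
    # Lab values quoted in the thread; replace with your own test target.
    table = matrix("10.0.0.90", 443, "host.domain.de")
    for key, outcome in sorted(table.items()):
        print(key, outcome)
    print(diagnose(table))
```
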
aptitude install libio-socket-ssl-perl
aptitude install libcrypt-ssleay-perl
As mentioned in https://github.com/sullo/nikto/issues/250#issuecomment-453040897 I got the message "No web server found on x.x.x.x"
Webserver configuration:
Microsoft Internet Information Service 8.5
1 binding: https on vhost "host.domain.de", port 443, on any IP address on the server (here: 10.0.0.90)
The certificate is issued by an internal PKI (root certificate not trusted by the Kali Linux machine)
Verbose Output:
My first idea was that the server isn't responding to the IP address, because there is no explicit binding on the IP, just on the vhost.
But checking with curl, the server is responding with "HTTP 404".
Maybe it has something to do with https and the untrusted certificate?
Testing the connection with curl:
**IP addresses and DNS/vhost names changed