search

sullo / nikto

Nikto web server scanner
Other
8.36k stars 1.21k forks source link

Bug: Nitko crashed after wildcard cert scan #796

Closed knassar702 closed 9 months ago

knassar702 commented 1 year ago

Expected behavior

Nikto should scan the target with all possible attacks and generating the xml report

Actual behavior

Nikto starts and after finding the wildcard cert it exit without completing the other attacks scan even without the exit message in the CLI

Steps to reproduce

  1. Choose target that's using wildcard certificate
  2. Run this command $ perl program/nikto.pl -Format xml -o out.xml -h yourtarget.com and you will noticed that it exit without completing the task

Nikto version

Nikto v2.1.6

sullo commented 10 months ago

Can't reproduce this one:

./nikto.pl -h https://localhost:4443/ -Format xml -o out.xml 
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP:          127.0.0.1
+ Target Hostname:    localhost
+ Target Port:        4443
---------------------------------------------------------------------------
+ SSL Info:        Subject:  /C=US/CN=*.example.com
                   Ciphers:  ECDHE-RSA-CHACHA20-POLY1305
                   Issuer:   /C=US/CN=*.example.com
+ Start Time:         2023-11-03 11:18:50 (GMT-4)
---------------------------------------------------------------------------
+ Server: SimpleHTTP/0.6 Python/3.9.6
+ Server is using a wildcard certificate: *.example.com. See: https://en.wikipedia.org/wiki/Wildcard_certificate
...

Is there any other information you can provide?

sullo commented 9 months ago

closing due to lack of response