|
| 1 | +#VERSION,2.000 |
| 2 | +####################################################################### |
| 3 | +# File Source: https://cirt.net |
| 4 | +# (c) 2001 Chris Sullo, All Rights Reserved. |
| 5 | +# This file may only be distributed and used with the full Nikto package. |
| 6 | +# This file may not be used with any software product without written permission from |
| 7 | + |
| 8 | +# |
| 9 | +# Note: |
| 10 | +# By submitting updates to this file you are transferring any and all copyright |
| 11 | +# interest in the data to Chris Sullo so it can modified, incorporated into this product |
| 12 | +# relicensed or reused. |
| 13 | +####################################################################### |
| 14 | +# Notes: |
| 15 | +# These can be regular expressions, but will be eval'd case insensitive. |
| 16 | +# Since these are run after every page retrieved, we should try to keep these as fast |
| 17 | +# regular expressions as possible, and limited to only critical findings. |
| 18 | +####################################################################### |
| 19 | +"nikto_id","osvdb","matchstring","message" |
| 20 | +"750500","3268","[iI]ndex [oO]f \/","Directory indexing found." |
| 21 | +"750501","0","Warning(?:<\/b>)?:\s+(?:include|require)(?:_once)?\(","PHP include error may indicate local or remote file inclusion is possible." |
| 22 | +"750502","0","failed to open stream: No such file or directory in (?:<b>)?(?:[a-zA-Z]:\\|\/)","PHP include error reveals the full path to the web root." |
| 23 | +"750503","0","mysql_p?connect\(","Potential PHP MySQL database connection string found." |
| 24 | +"750504","0","pgp_p?connect\(","Potential PHP PostgreSQL database connection string found." |
| 25 | +"750505","0","sqlite_p?open\(","Potential PHP SQLite database connection string found." |
| 26 | +"750506","0","mssql_p?connect\(","Potential PHP MSSQL database connection string found." |
| 27 | +"750507","0","Call to undefined function.*\(\) in \/","PHP error reveals file system path." |
| 28 | +"750508","36099","FrameworkLog.xsl\"\\?>.*<version>(?:[0-2]|3\.(?:[0-5]|6\.0\.(?:[0-4]|5(?:[0-3]|4[0-5]))))","McAfee Common Management Agent 3.6.0.546 and below contain multiple overflows." |
| 29 | +"750509","0","However, we found documents with names similar to the one you requested","The mod_speling module can reveal otherwise 'hidden' files in directories." |
| 30 | +"750510","0","makes use of the Zend Scripting Language","Output from the phpinfo() function was found." |
| 31 | +"750511","0","SQLSTATE\[","A database error may reveal internal details about the running database." |
| 32 | +"750512","0","jetty-dir.css\" REL=\"stylesheet\" TYPE=\"text/css\"\/><TITLE>Directory: \/","Directory indexing found (Jetty)." |
| 33 | +"750513","0","404-server!!","This string is associated with the 'meuhy.php' backdoor file uploader/downloader." |
| 34 | +"750514","0","Brazilians Defacers","This string is associated with pages tagged by HackerBrasilll group." |
| 35 | +"750515","0","HackerBrasilll","This string is associated with pages tagged by HackerBrasilll group." |
| 36 | +"750516","0","plain HTTP to an SSL","You appear to be scanning an HTTPS site with HTTP. This won't work as you expect.." |
| 37 | +"750517","0","plain HTTP request was sent to HTTPS","You appear to be scanning an HTTPS site with HTTP. This won't work as you expect." |
| 38 | +"750518","0","password e-?mailed","Possible cleartext emailing of stored password." |
| 39 | +"750519","0","[T]omcat\s[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}","The detailed Tomcat version is disclosed in error pages." |
0 commit comments