testing/nikto: new aport

1 files changed, 82 insertions, 0 deletions

diff --git a/testing/nikto/nikto.conf.base b/testing/nikto/nikto.conf.base
new file mode 100644
index 0000000000..3f17dfef2a
--- /dev/null
+++ b/testing/nikto/nikto.conf.base
@@ -0,0 +1,82 @@
+#########################################################################################################
+# CONFIG STUFF
+# $Id: config.txt 94 2009-01-21 22:47:25Z deity $
+#########################################################################################################
+
+# default command line options, can't be an option that requires a value.  used for ALL runs.
+# CLIOPTS=-g -a
+
+# ports never to scan
+SKIPPORTS=21 111
+
+# User-Agent variables:
+ # @VERSION 	- Nikto version
+ # @TESTID 	- Test identifier
+ # @EVASIONS 	- List of active evasions
+USERAGENT=Mozilla/5.00 (Nikto/@VERSION) (Evasions:@EVASIONS) (Test:@TESTID)
+
+# RFI URL. This remote file should return a phpinfo call, for example: <?php phpinfo(); ?>
+# You may use the one below, if you like.
+RFIURL=http://cirt.net/rfiinc.txt?
+
+# IDs never to alert on (Note: this only works for IDs loaded from db_tests)
+#SKIPIDS=
+
+# The DTD
+NIKTODTD=docs/nikto.dtd
+
+# the default HTTP version to try... can/will be changed as necessary
+DEFAULTHTTPVER=1.0
+
+# Nikto can submit updated version strings to CIRT.net. It won't do this w/o permission. You should
+# send updates because it makes the data better for everyone ;)  *NO* server specific information
+# such as IP or name is sent, just the relevant version information.
+# UPDATES=yes  	- ask before each submission if it should send
+# UPDATES=no   	- don't ask, don't send
+# UPDATES=auto 	- automatically attempt submission *without prompting*
+UPDATES=yes
+
+# Warning if MAX_WARN OK or MOVED responses are retrieved
+MAX_WARN=20
+
+# Prompt... if set to 'no' you'll never be asked for anything. Good for automation.
+#PROMPTS=no
+
+# cirt.net : set the IP so that updates can work without name resolution -- just in case
+CIRT=174.142.17.165
+
+# Proxy settings -- still must be enabled by -useproxy
+#PROXYHOST=127.0.0.1
+#PROXYPORT=8080
+#PROXYUSER=proxyuserid
+#PROXYPASS=proxypassword
+
+# Cookies: send cookies with all requests
+# Multiple can be set by separating with a semi-colon, e.g.:
+# "cookie1"="cookie value";"cookie2"="cookie val" 
+#STATIC-COOKIE=
+
+# The below allows you to vary which HTTP methods are used to check whether an HTTP(s) server 
+# is running. Some web servers, such as the autopsy web server do not implement the HEAD method
+CHECKMETHODS=HEAD GET
+
+# If you want to specify the location of any of the files, specify them here
+EXECDIR=/etc/nikto				# Location of Nikto
+PLUGINDIR=/etc/nikto/plugins			# Location of plugin dir
+DBDIR=/etc/nikto/databases			# Location of plugin dir
+TEMPLATEDIR=/etc/nikto/templates		# Location of tempmlate dir
+DOCDIR=/etc/nikto/docs			# Location of docs dir
+
+# Default plugin macros
+@@MUTATE=dictionary;subdomain
+@@DEFAULT=@@ALL;-@@MUTATE;tests(report:500)
+
+#Choose SSL libs 
+# Options: 
+# SSLeay        - use Net::SSLeay 
+# SSL           - use Net::SSL 
+# auto          - automatically choose whats available 
+#                 (SSLeay wins if both are available) 
+LW_SSL_ENGINE=auto
+
+