Nikto

The document reports the results of a Nikto scan against the target host pip3lee101-juiceshop.herokuapp.com on port 80. The scan found several potentially interesting archive and certificate files, and it identified common issues such as the missing X-XSS-Protection header and a robots.txt entry that returned a non-forbidden HTTP code.

Uploaded by

pip3lee101

- Nikto v2.1.6/2.1.5
+ Target Host: pip3lee101-juiceshop.herokuapp.com
+ Target Port: 80
+ GET Retrieved via header: 1.1 vegur
+ GET Retrieved access-control-allow-origin header: *
+ GET The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ GET Uncommon header 'feature-policy' found, with contents: payment 'self'
+ GET Uncommon header 'x-recruiting' found, with contents: /#/jobs
+ GET Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (503)
+ GET "robots.txt" contains 1 entry which should be manually viewed.
+ HEAD /pip3lee101-juiceshop.herokuapp.alz: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.tar: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.tar: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.tgz: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.pem: Potentially interesting archive/cert file found.
+ HEAD /site.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.tar: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.tgz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.tgz: Potentially interesting archive/cert file found.
+ HEAD /site.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.egg: Potentially interesting archive/cert file found.
+ HEAD /com.tar: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.tar: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.tgz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /backup.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.tar: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.tgz: Potentially interesting archive/cert file found.
+ HEAD /com.jks: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.jks: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.jks: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.egg: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.war: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.alz: Potentially interesting archive/cert file found.
+ HEAD /backup.jks: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.pem: Potentially interesting archive/cert file found.
+ HEAD /backup.tar: Potentially interesting archive/cert file found.
+ HEAD /com.tgz: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.tgz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.jks: Potentially interesting archive/cert file found.
+ HEAD /site.pem: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.egg: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.pem: Potentially interesting archive/cert file found.
+ HEAD /backup.pem: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.tar: Potentially interesting archive/cert file found.
+ HEAD /backup.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.tgz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.war: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /com.egg: Potentially interesting archive/cert file found.
+ HEAD /com.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.jks: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.war: Potentially interesting archive/cert file found.
+ HEAD /site.egg: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.pem: Potentially interesting archive/cert file found.
+ HEAD /site.jks: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.war: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /com.war: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.alz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.egg: Potentially interesting archive/cert file found.
+ HEAD /com.alz: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.pem: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.pem: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.cer: Potentially interesting archive/cert file found.
+ HEAD /site.war: Potentially interesting archive/cert file found.
+ HEAD /backup.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop_herokuapp_com.jks: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.jks: Potentially interesting archive/cert file found.
+ HEAD /com.pem: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.cer: Potentially interesting archive/cert file found.
+ HEAD /com.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.war: Potentially interesting archive/cert file found.
+ HEAD /backup.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.tgz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.tar: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.tar: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.egg: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.war: Potentially interesting archive/cert file found.
+ HEAD /site.tar: Potentially interesting archive/cert file found.
+ HEAD /site.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.pem: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.jks: Potentially interesting archive/cert file found.
+ HEAD /site.tgz: Potentially interesting archive/cert file found.
+ HEAD /com.cer: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.pem: Potentially interesting archive/cert file found.
+ HEAD /backup.tgz: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.war: Potentially interesting archive/cert file found.
+ HEAD /backup.war: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.egg: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /34.201.81.34.war: Potentially interesting archive/cert file found.
+ HEAD /site.alz: Potentially interesting archive/cert file found.
+ HEAD /backup.egg: Potentially interesting archive/cert file found.
+ HEAD /herokuapp.egg: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.tar.bz2: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.herokuapp.com.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuapp.tar.lzma: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshopherokuappcom.jks: Potentially interesting archive/cert file found.
+ HEAD /pip3lee101-juiceshop.egg: Potentially interesting archive/cert file found.
+ OSVDB-3092: GET /public/: This might be interesting...