温馨提示×

登 录 注册有礼
云服务器 香港服务器 高防服务器
最新更新 网站标签 地图导航
产品

如何扫描网站的漏洞

小新
230
2021-01-16 08:25:06
栏目: 云计算

如何扫描网站的漏洞

扫描网站漏洞的方法:

可以使用Nikto开源Web服务器扫描程序来扫描网站的漏洞,比如扫描使用SSL的网站以pbs.org为例:

使用命令:“nikto -h pbs.org -ssl”来扫描,得到结果如下:

- Nikto v2.1.6
------------------------------------------------------------------------------
- STATUS: Starting up!
+ Target IP: 54.225.198.196
+ Target Hostname: pbs.org
+ Traget Port: 443
------------------------------------------------------------------------------
+ SSl Info: Subject: /CN=www.pbs.org
Altnames: account.pbs.org, admin.pgs.org, dipsy-tc.pbs.org, docs.pbs.org, ga.video.cdn.pbs.org, git.pbs.org, heart.ops.pbs.org, hub-dev.pbs.org, image.pbs.org,
jaws..pbs.org, kids.pbs.org, koth-qa.svp.pbs.org, login.pbs.org, ops.pbs.org, pbs.org, player.pbs.org, projects.pbs.org, sentry.pbs.org, teacherline.pbs.org,
urs.pbs.org, video.pbs.org, weta-qa.svp.pbs.org, whut-qa.svp.pbs.org, wnet.video-qa.pbs.org, wnet.video-staging.pbs.org, www-cache.pbs.org, www.pbs.org
Ciphers: ECDHE-RSA-AES128-GCM-SHA256
Issuer: /C-US/0=Let's Encrypt/CN=Let's Encrypt Authority X3
+ Start Time: 2018-12-05 23:34:06 (GMT-8)
------------------------------------------------------------------------------
+ Server: nginx
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'x-pbs-fwsrvname' found, with contents: fwcacheproxy1
+ The site uses SSL and the Strict-Transport-Security HTTP header is not defined.
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Root page / redirects to: https://www.pbs.org/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ RC-1918 IP address found in the 'x-pbs-appsvrip' header: The IP is "10.137.181.52".
+ Uncommon header 'x-cache-fs-status' found, with contents: EXPIRED
+ Uncommon header 'x-pbs-appsvrname' found, with contents: fwcacheproxy1
+ Uncommon header 'x-pbs-appsvrip' found, with contents: 10.137.181.52
+ Server leaks inodes via ETags, header found with file /pbs.org.zip, fields: 0x5b96537e 0x1678
+ 7446 requests: 0 error(s) and 10 item(s) reported on remote host
+ End Time: 2018-12-06 00:30:29 (GMT-8) (3383 seconds)
------------------------------------------------------------------------------
+ 1 host(s) tested

0

最新问答

相关问答

相关标签

个人网站 网站环境 网站备案 网站域名 网站服务器 国内网站空间 国外网站空间 海外网站服务器 国外网站服务器 网站免费服务器 国外网站 网站服务器租用 域名备案网站 网站域名注册 网站域名备案查询 网站服务器租用费用 美国外贸网站服务器 网站域名空间 网站空间价格 免费网站空间
产品服务
地区划分
专题活动
帮助支持
关于我们
售后咨询
7*24小时在线电话:400-100-2938
7*24小时在线 QQ:800811969
关注亿速云

亿速云公众号

手机网站二维码

Copyright © Yisu Cloud Ltd. All Rights Reserved. 2018 版权所有

广州亿速云计算有限公司粤ICP备17096448号-1 粤公网安备 44010402001142号增值电信业务经营许可证编号:B1-20181529