 | ||
|---|---|---|
| 1. Scan Database Field Values | ||
| Prev | Chapter 7. Test & Code Writing | Next |
Though some checks can be found in other plugins, the scan_database.db contains the bulk of the web test information. Here is a description of the field values:
Table 7.1.
| Test ID | Nikto test ID |
| OSVDB-ID | Corresponding vulnerability entry number for osvdb.org |
| Server Type | Generic server matching type |
| URI | URI to retrieve |
| HTTP Method | HTTP method to use for URI |
| Match 1 | String or code to match for successful test |
| Match1 (And) | String or code to also match for successful test |
| Match 1 (Or) | String or code to alternatively match for successful test |
| Fail 1 | String or code to match for test failure |
| Fail 2 | String or code to match for test failure (alternative) |
| Summary | Summary message to report for successful test |
| HTTP Data | HTTP data to be sent during POST tests |
| Headers | Additional headers to send during test |