Untitled

root@kali:~# nikto -h http://10.11.1.133/index.asp
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          10.11.1.133
+ Target Hostname:    10.11.1.133
+ Target Port:        80
+ Start Time:         2018-01-19 12:03:30 (GMT13)
---------------------------------------------------------------------------
+ Server: Microsoft-IIS
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Allowed HTTP Methods: GET, HEAD, POST, OPTIONS
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ OSVDB-44056: /index.asp/sips/sipssys/users/a/admin/user: SIPS v0.2.2 allows user account info (including password) to be retrieved remotely.
+ OSVDB-12184: /index.asp/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /index.asp/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /index.asp/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ OSVDB-12184: /index.asp/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42: PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
+ 7541 requests: 1 error(s) and 10 item(s) reported on remote host
+ End Time:           2018-01-19 12:31:24 (GMT13) (1674 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
root@kali:~#