Hello,
I am scanning a
web application and have entered a account and password for HTTP login.
Since the web application requires a form-based login, I have also entered the
appropriate form name (login), URL (/), and username/password field
names (username=%USER%&password=%PASS%) in the HTTP login section. I
have specified the only ports to scan as 80 and 443.
However, it does not
appear Nessus even tries to login to the web application. Certainly it does not
produce any web application vulnerabilities at all.
Also disconcerting
is the fact that Nessus does not run nikto, even though it is in the
path.
I am running Nessus
2.2.8 on RH Linux FC2.
Thank You
Rui Pereira
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
