#VERSION,2.001
# $Id: db_variables 300 2010-02-01 21:02:40Z sullo $ 
#######################################################################
# Source: http://cirt.net
# This file may only be distributed and used with the full Nikto package.
# This file may not be used with any software product without written permission from CIRT, Inc.
# (c) 2007 CIRT, Inc., All Rights Reserved.
#
# NOTE: By sending any database updates to CIRT, Inc., it is assumed that you
# grant CIRT, Inc., the unlimited, non-exclusive right to reuse, modify and relicense the changes.
#######################################################################
# Notes:
# Variables which will be used as replacements for values in the scan_database.db and user_scan_database.db files. 
# Any values to be replaced must start with the @ character, such as: @CGIDIRS.
# 
# User defined variables should be set in config.txt as this file may be over-written during updates.
#######################################################################
@CGIDIRS=/cgi.cgi/ /webcgi/ /cgi-914/ /cgi-915/ /bin/ /cgi/ /mpcgi/ /cgi-bin/ /ows-bin/ /cgi-sys/ /cgi-local/ /htbin/ /cgibin/ /cgis/ /scripts/ /cgi-win/ /fcgi-bin/ /cgi-exe/ /cgi-home/ /cgi-perl/
@NUKE=/ /postnuke/ /postnuke/html/ /modules/ /phpBB/ /forum/
@MUTATEDIRS=/....../ /members/ /porn/ /restricted/ /xxx/
@MUTATEFILES=xxx.htm xxx.html porn.htm porn.html
@ADMIN=/admin/ /adm/ /administrator/
@USERS=adm bin daemon ftp guest listen lp mysql noaccess nobody nobody4 nuucp operator root smmsp smtp sshd sys test unknown uucp web www
@PASSWORDDIRS=/ /admin/ /clients/ /pass/ /password/ /passwords/ /store/ /users/ /access/ /members/ /private/ /ccbill/ /dmr/ /mastergate/ /dmr/ /epoch/ /netbilling/ /webcash/ /wwwjoin/ /etc/security/
@PASSWORDFILES=admins clients pass password passwords passwd passwd.adjunct store users .htpasswd .passwd
@PHPMYADMIN=/ /3rdparty/phpMyAdmin/ /phpMyAdmin/
@HTTPFOUND=200 301 302 403
