[Nikto-discuss] Nikto2 + Net::SSLeay memory leak?

mike falter+nikto at gmail.com
Mon Apr 21 18:42:27 UTC 2008

Hi guys,

I know that libwhisker is the fella that bundles up all the SSL connectivity
code, but Nikto2 is the only place where I use it, so it made sense to post
here, first.

I've observed that when running a nikto2 scan on an https connection, the
memory utilization of perl steadily increases over time, until the end of
the scan. When I run a nikto scan against a non-ssl service, watching the
process in top, perl never goes beyond 20 megabytes of memory usage
throughout the scan. With an ssl service, we go through the scan and memory
eventually climbs up to ~90 meg before the scan ends normally. I run
multiple nikto scans in paralell, so every bit of memory counts :)

In my environment, I've got the following:
-nikto 2.02
-Net::SSLeay 1.30 (I've seen it also on 1.25 in other environments)
-Perl 5.8.5
-OpenSSL 0.9.7a (lots of backported fixes... this is on an essentially RHEL4
base, which we've customized a bit)
-Net::SSL 2.84 / Crypt::SSLeay 0.57

I'm not doing anything special when launching nikto:
./nikto.pl -host IP -nolookup -port PORT -ssl -vhost HOSTNAME -Format xml
-output out.xml

Libwhisker will first look for Net::SSLeay, and failing that goes to
Net::SSL. What I've found is that when we use Net::SSLeay, the amount of
memory used by perl keeps increasing. When I removed Net::SSLeay and dropped
in Net::SSL, memory usage never went about 20 megabytes, much like that of
the non-ssl scans we've done.

Like I said, this will probably have to get bounced over to the guys w/
libwhisker, but I'm wondering if anyone else running nikto2 has seen
anything like this?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/nikto-discuss/attachments/20080421/edf7687d/attachment.html 

More information about the Nikto-discuss mailing list