[Nikto-discuss] Nikto Test ID Ouput
dave at cirt.net
Tue Nov 4 18:46:49 UTC 2008
On Wed, 15 Oct 2008 17:31:15 +0100, Court Little
<CourtLittle at solutionary.com> wrote:
> Does anyone know of a way to get the Nikto Test ID field from the Scan
> Databse Field Value to output in a report, preferably in the output when
> called by Nessus?
No, not easily and there is a bug about this already:
As it states in the comments field:
It's a good idea; and I like what you're doing here (as it aids the
repeatability or a test and show differences 'twixt two tests).
Unfortunately, as it's currently written it won't work, either on 2.03, or
on the trunk version, as several items aren't written to the TESTS hash
unless they're successfully tested.
What's worse is that, in trying to make nikto thread safe, I'm cutting out
a lot of global variables and the TESTS variable is one of those destined
for the chop (globals being the bane of threading).
I'm going to leave this call open, and when I rework the plugin
architecture I'll ensure that a method to accurately record all tests to
be performed in the plugin is part of it.
So it is an aim for the future versions of nikto (I'm a big fan of
repeatability in pen testing); though I can't guarantee that it'll be in
for nikto 2.10
More information about the Nikto-discuss