[Nikto-discuss] Nikto Test ID Ouput

David Lodge dave at cirt.net
Tue Nov 4 18:46:49 UTC 2008


On Wed, 15 Oct 2008 17:31:15 +0100, Court Little  
<CourtLittle at solutionary.com> wrote:
> Does anyone know of a way to get the Nikto Test ID field from the Scan
> Databse Field Value to output in a report, preferably in the output when
> called by Nessus?

No, not easily and there is a bug about this already:  
http://trac2.assembla.com/Nikto_2/ticket/58

As it states in the comments field:
----------------cut here--------------
It's a good idea; and I like what you're doing here (as it aids the  
repeatability or a test and show differences 'twixt two tests).

Unfortunately, as it's currently written it won't work, either on 2.03, or  
on the trunk version, as several items aren't written to the TESTS hash  
unless they're successfully tested.

What's worse is that, in trying to make nikto thread safe, I'm cutting out  
a lot of global variables and the TESTS variable is one of those destined  
for the chop (globals being the bane of threading).

I'm going to leave this call open, and when I rework the plugin  
architecture I'll ensure that a method to accurately record all tests to  
be performed in the plugin is part of it.
----------------cut here--------------

So it is an aim for the future versions of nikto (I'm a big fan of  
repeatability in pen testing); though I can't guarantee that it'll be in  
for nikto 2.10

Thanks

dave



More information about the Nikto-discuss mailing list