[Nikto-discuss] Plugins with SQLite

David Lodge dave at cirt.net
Thu Sep 11 15:05:23 UTC 2008


I have a version of nikto on my dev box ready to svn up, which uses SQLite  
for the database backend. At the moment I have only one database moved  
into the format: that is for the httpoptions plugin.

I've thought about this for a while, the pros and cons of using a real  
database back end are below:
Pros:
* Less resource use (at the moment nikto reads all the db files into  
memory)
* Faster lookups
* Better checking for uniqueness of plugins (unique nikto_id)
* Better management of nikto_ids

Cons:
* Dependency on SQLite and DBD::SQLite
* Rewriting work required over nikto
* Rework over the updated backend
* Have to go through a client to update databases

I chose SQLite as it was small, fast and complete, allowing simple file  
distribution.

The way to use the database from a plugin is to use the following methods:
1. $dbhandle = initalise_db("db_httpoptions");
    Performs all the checks as to whether we can connect to the database,  
including selecting from the metadata table. Returns a valid dbhandle.
2. Perform normal DBI stuff
3. close_db($dbhandle);
    Closes down the database.

The database file must contain a table called metadata. Each row contains  
two fields: name and contents. There must be one row with a name of  
"version". All other tables and their format are up to the plugin author  
(db_httpoptions just contains one table: httpoptions).

Any thoughts or comments before I commit or scrap this work?

Thanks

dave
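
The database contract described in this message (a metadata table of name/contents rows with one "version" row, plus a plugin-defined table) is shown below as an added Perl/DBI example. It is not part of the original post and not nikto's code: check_plugin_db, the httpoptions column layout and all sample rows are assumptions made for illustration.

```perl
use strict;
use warnings;
use DBI;
use File::Temp qw(tempfile);

# Hypothetical helper (not nikto's own function): open a plugin database and
# enforce the contract from the post before any plugin query runs.
sub check_plugin_db {
    my ($file) = @_;
    my $dbh = DBI->connect("dbi:SQLite:dbname=$file", "", "",
        { RaiseError => 1, PrintError => 0, AutoCommit => 1 });
    # A missing metadata table makes the query die; eval turns that into undef.
    my $rows = eval {
        $dbh->selectcol_arrayref(
            "SELECT contents FROM metadata WHERE name = ?", undef, "version");
    };
    if (!defined $rows || @$rows != 1) {
        $dbh->disconnect;
        die "$file: metadata table or version row missing\n";
    }
    return ($dbh, $rows->[0]);
}

# Build a constructed sample database in a temporary file.
my (undef, $file) = tempfile(SUFFIX => ".db", UNLINK => 1);
my $setup = DBI->connect("dbi:SQLite:dbname=$file", "", "",
    { RaiseError => 1, PrintError => 0 });
$setup->do("CREATE TABLE metadata (name TEXT PRIMARY KEY, contents TEXT NOT NULL)");
$setup->do("INSERT INTO metadata (name, contents) VALUES ('version', '1.0')");
# Assumed layout; the PRIMARY KEY gives the nikto_id uniqueness check for free.
$setup->do("CREATE TABLE httpoptions (nikto_id INTEGER PRIMARY KEY,
            method TEXT NOT NULL, message TEXT NOT NULL)");
my $ins = $setup->prepare(
    "INSERT INTO httpoptions (nikto_id, method, message) VALUES (?, ?, ?)");
$ins->execute(900001, "TRACE", "constructed sample message");
my $dup_ok = eval { $ins->execute(900001, "PUT", "duplicate id"); 1 };
print "duplicate nikto_id rejected: ", ($dup_ok ? "no" : "yes"), "\n";
$setup->disconnect;

# Plugin side: validate, do normal DBI work with bound parameters, close.
my ($dbh, $version) = check_plugin_db($file);
print "database version: $version\n";
my $sth = $dbh->prepare(
    "SELECT nikto_id, message FROM httpoptions WHERE method = ?");
$sth->execute("TRACE");
while (my ($id, $msg) = $sth->fetchrow_array) {
    print "$id: $msg\n";
}
$dbh->disconnect;
```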

