[Nikto-discuss] Plugins with SQLite
David Lodge
dave at cirt.net
Thu Sep 11 15:05:23 UTC 2008
I have a version of nikto on my dev box ready to svn up, which uses SQLite
for the database backend. At the moment I have only one database moved
into the format: that is for the httpoptions plugin.
I've thought about this for a while, the pros and cons of using a real
database back end are below:
Pros:
* Less resource use (at the moment nikto reads all the db files into
memory)
* Faster lookups
* Better checking for uniqueness of plugins (unique nikto_id)
* Better management of nikto_ids
Cons:
* Dependancy on SQLite and DBD::Sqlite
* Rewriting work require over nikto
* Rework over the updated backend
* Have to go through a client to update databases
I chose SQLite as it was small, fast and complete, allowing simple file
distribution.
The way to use the database from a plugin is to use the following methods:
1. $dbhandle = initalise_db("db_httpoptions");
Performs all the checks to whether we can connect to the database,
including selecting from the metadata table. Returns a valid dbhandle.
2. Perform normal DBI stuff
3. close_db($dbhandle);
Closes down the database.
The database file must contain a table called metadata. Each row contains
two fields: name and contents. There must be one row with a name of
"version". All other tables and their format are up to the plugin author
(db_httpoptions just contains one table: httpoptions).
Any thoughts or comments before I commit or scrap this work?
Thanks
dave
More information about the Nikto-discuss
mailing list