[Nikto-discuss] Plugins with SQLite

Frank Breedijk FBreedijk at schubergphilis.com
Fri Sep 12 07:58:27 UTC 2008 

David,

Using an SQL backend should be an option, not a requirement. One of the great points of nikto atm is its portability lack of prerequisites.

If the SQL backend option is there try to keep it as DBI generic as possible. A lot of boxes already have mysql set up on them and you may find reluctance to add yet another database (YAD;) )

Frank Breedijk
..-. .-. .- -. -.-
T: +31 (0)20-7506500 E: fbreedijk at schubergphilis.com W: www.schubergphilis.com

> -----Original Message-----
> From: nikto-discuss-bounces at attrition.org [mailto:nikto-discuss-
> bounces at attrition.org] On Behalf Of David Lodge
> Sent: 11 September 2008 17:05
> To: nikto-discuss at attrition.org
> Subject: [Nikto-discuss] Plugins with SQLite
>
> I have a version of nikto on my dev box ready to svn up, which uses
> SQLite
> for the database backend. At the moment I have only one database moved
> into the format: that is for the httpoptions plugin.
>
> I've thought about this for a while, the pros and cons of using a real
> database back end are below:
> Pros:
> * Less resource use (at the moment nikto reads all the db files into
> memory)
> * Faster lookups
> * Better checking for uniqueness of plugins (unique nikto_id)
> * Better management of nikto_ids
>
> Cons:
> * Dependancy on SQLite and DBD::Sqlite
> * Rewriting work require over nikto
> * Rework over the updated backend
> * Have to go through a client to update databases
>
> I chose SQLite as it was small, fast and complete, allowing simple file
> distribution.
>
> The way to use the database from a plugin is to use the following
> methods:
> 1. $dbhandle = initalise_db("db_httpoptions");
>     Performs all the checks to whether we can connect to the database,
> including selecting from the metadata table. Returns a valid dbhandle.
> 2. Perform normal DBI stuff
> 3. close_db($dbhandle);
>     Closes down the database.
>
> The database file must contain a table called metadata. Each row
> contains
> two fields: name and contents. There must be one row with a name of
> "version". All other tables and their format are up to the plugin
> author
> (db_httpoptions just contains one table: httpoptions).
>
> Any thoughts or comments before I commit or scrap this work?
>
> Thanks
>
> dave
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss

More information about the Nikto-discuss mailing list