[Nikto-discuss] Nikto tests
Sullo
csullo at gmail.com
Wed Jul 15 15:25:35 UTC 2009
On Mon, Jul 13, 2009 at 6:02 PM, David Lodge <dave at cirt.net> wrote:
> On Mon, 13 Jul 2009 22:41:30 +0100, Sammy Sossa <sammy.sossa20 at gmail.com>
> wrote:
> > How do I go about making Nikto run my User-defined tests only? Do I just
> > delete the db files from plugin directory, and keep my udb files?
>
> There's no current support for doing this, I could add it as a tuning
> option for Nikto 2.1.0 if required (as it would be quite easy). Possibly
> the easiest way would be to edit the db_ files and replace them with your
> tests. Deleting them will cause nikto to bring up errors.
>
I was going to suggest options "-T 0123456789abcx" which should exclude
("x") every test class. You would then put your tests in the user database
with a type of "d" or something, and they should be the only ones run...
however, it doesn't work. Many tests still seem to run.
I filed ticket #84 for this..
http://trac2.assembla.com/Nikto_2/ticket/84
Then I tried creating the user tests with a type of "d" and ran "-T d" which
should only run class "d" tests, but that didn't work either. So the whole
tuning include/exclude thing needs to be vetted to see what I screwed up
there :-)
-Sullo
--
http://www.cirt.net | http://www.osvdb.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/nikto-discuss/attachments/20090715/47214af3/attachment.html
More information about the Nikto-discuss
mailing list