From wkwang at cisco.com Mon Oct 12 14:22:39 2009 From: wkwang at cisco.com (Peter Wang) Date: Mon, 12 Oct 2009 10:22:39 -0400 Subject: [Nikto-discuss] Nikto needs an update on thttpd? Message-ID: Hi, When running Nikto 2.03 scan, Nikto reported an item of thttpd as below. It looked like nikto needs an update on this. Information thttpd/2.25b29dec2003 appears to be outdated (current is at least 2.2426oct2003) Ran ?nikto -update ? didn?t get through, # nikto -update + ERROR (): Unable to get 209.172.49.178/nikto/UPDATES/2.03/versions.txt Let me know if you have update on this issue, Thanks, Peter -------------- next part -------------- An HTML attachment was scrubbed... URL: http://attrition.org/pipermail/nikto-discuss/attachments/20091012/f9008200/attachment.html From csullo at gmail.com Mon Oct 12 14:57:08 2009 From: csullo at gmail.com (Sullo) Date: Mon, 12 Oct 2009 10:57:08 -0400 Subject: [Nikto-discuss] Nikto needs an update on thttpd? In-Reply-To: References: Message-ID: You're not able to resolve cirt.net, apparently, which is why the update is relying on the IP. The IP in the nikto.conf file is incorrect--it should be 174.142.17.165. If you update that and try the -update again, it should work. I'm not sure that the thttpd banner has been updated, but if you still don't see it properly send me the current version and I'll get it updated. -Sullo On Mon, Oct 12, 2009 at 10:22 AM, Peter Wang wrote: > Hi, > > When running Nikto 2.03 scan, Nikto reported an item of thttpd as below. It > looked like nikto needs an update on this. > > Information ?? thttpd/2.25b29dec2003 appears to be outdated (current is at > least 2.2426oct2003) > > Ran ?nikto -update ? didn?t get through, > > # nikto -update > + ERROR (): Unable to get 209.172.49.178/nikto/UPDATES/2.03/versions.txt > > Let me know if you have update on this issue, > > Thanks, > Peter > > > > _______________________________________________ > Nikto-discuss mailing list > Nikto-discuss at attrition.org > https://attrition.org/mailman/listinfo/nikto-discuss > > -- http://www.cirt.net | http://www.osvdb.org/ From wkwang at cisco.com Mon Oct 12 17:51:48 2009 From: wkwang at cisco.com (Peter Wang) Date: Mon, 12 Oct 2009 13:51:48 -0400 Subject: [Nikto-discuss] Nikto needs an update on thttpd? In-Reply-To: Message-ID: Hi Sullo, Thank you for reply. Nikto update works now after I specified -useproxy option. I didn't realize it needs to specify -useproxy at 1st try. It received two file's updates as below, -bash-3.00# ./nikto.pl -update -useproxy + Retrieving 'db_tests' + Retrieving 'db_outdated' + www.cirt.net message: Please submit your bugs!! But thttpd entry didn't get updated, it still has 2.24 as current version. -bash-3.00# grep thttpd db_outdated "600787","thttpd/","2.2426oct2003","@RUNNING_VER appears to be outdated (current is at least @CURRENT_VER)" -Peter On 10/12/09 10:57 AM, "Sullo" wrote: > You're not able to resolve cirt.net, apparently, which is why the > update is relying on the IP. The IP in the nikto.conf file is > incorrect--it should be 174.142.17.165. If you update that and try the > -update again, it should work. > > I'm not sure that the thttpd banner has been updated, but if you still > don't see it properly send me the current version and I'll get it > updated. > > -Sullo > > On Mon, Oct 12, 2009 at 10:22 AM, Peter Wang wrote: >> Hi, >> >> When running Nikto 2.03 scan, Nikto reported an item of thttpd as below. It >> looked like nikto needs an update on this. >> >> Information ?? thttpd/2.25b29dec2003 appears to be outdated (current is at >> least 2.2426oct2003) >> >> Ran ?nikto -update ? didn?t get through, >> >> # nikto -update >> + ERROR (): Unable to get 209.172.49.178/nikto/UPDATES/2.03/versions.txt >> >> Let me know if you have update on this issue, >> >> Thanks, >> Peter >> >> >> >> _______________________________________________ >> Nikto-discuss mailing list >> Nikto-discuss at attrition.org >> https://attrition.org/mailman/listinfo/nikto-discuss >> >> > > From lokeshp at gmail.com Mon Oct 12 18:00:00 2009 From: lokeshp at gmail.com (Lokesh Patakolusu) Date: Mon, 12 Oct 2009 14:00:00 -0400 Subject: [Nikto-discuss] pls unsubscribe me Message-ID: -------------- next part -------------- An HTML attachment was scrubbed... URL: http://attrition.org/pipermail/nikto-discuss/attachments/20091012/aebdc134/attachment.html From csullo at gmail.com Tue Oct 13 13:23:03 2009 From: csullo at gmail.com (Sullo) Date: Tue, 13 Oct 2009 09:23:03 -0400 Subject: [Nikto-discuss] Nikto needs an update on thttpd? In-Reply-To: References: Message-ID: What is the current version? On Mon, Oct 12, 2009 at 1:51 PM, Peter Wang wrote: > Hi Sullo, > > Thank you for reply. Nikto update works now after I specified -useproxy > option. I didn't realize it needs to specify -useproxy at 1st try. > > It received two file's updates as below, > > -bash-3.00# ./nikto.pl -update -useproxy > + Retrieving 'db_tests' > + Retrieving 'db_outdated' > + www.cirt.net message: Please submit your bugs!! > > But thttpd entry didn't get updated, it still has 2.24 as current version. > > -bash-3.00# grep thttpd db_outdated > "600787","thttpd/","2.2426oct2003","@RUNNING_VER appears to be outdated > (current is at least @CURRENT_VER)" > > -Peter > > On 10/12/09 10:57 AM, "Sullo" wrote: > >> You're not able to resolve cirt.net, apparently, which is why the >> update is relying on the IP. The IP in the nikto.conf file is >> incorrect--it should be 174.142.17.165. If you update that and try the >> -update again, it should work. >> >> I'm not sure that the thttpd banner has been updated, but if you still >> don't see it properly send me the current version and I'll get it >> updated. >> >> -Sullo >> >> On Mon, Oct 12, 2009 at 10:22 AM, Peter Wang wrote: >>> Hi, >>> >>> When running Nikto 2.03 scan, Nikto reported an item of thttpd as below. It >>> looked like nikto needs an update on this. >>> >>> Information ?? thttpd/2.25b29dec2003 appears to be outdated (current is at >>> least 2.2426oct2003) >>> >>> Ran ?nikto -update ? didn?t get through, >>> >>> # nikto -update >>> + ERROR (): Unable to get 209.172.49.178/nikto/UPDATES/2.03/versions.txt >>> >>> Let me know if you have update on this issue, >>> >>> Thanks, >>> Peter >>> >>> >>> >>> _______________________________________________ >>> Nikto-discuss mailing list >>> Nikto-discuss at attrition.org >>> https://attrition.org/mailman/listinfo/nikto-discuss >>> >>> >> >> > > -- http://www.cirt.net | http://www.osvdb.org/ From wkwang at cisco.com Tue Oct 13 13:33:11 2009 From: wkwang at cisco.com (Peter Wang) Date: Tue, 13 Oct 2009 09:33:11 -0400 Subject: [Nikto-discuss] Nikto needs an update on thttpd? In-Reply-To: Message-ID: 2.25b29dec2003 On 10/13/09 9:23 AM, "Sullo" wrote: > What is the current version? > > On Mon, Oct 12, 2009 at 1:51 PM, Peter Wang wrote: >> Hi Sullo, >> >> Thank you for reply. Nikto update works now after I specified -useproxy >> option. I didn't realize it needs to specify -useproxy at 1st try. >> >> It received two file's updates as below, >> >> -bash-3.00# ./nikto.pl -update -useproxy >> + Retrieving 'db_tests' >> + Retrieving 'db_outdated' >> + www.cirt.net message: Please submit your bugs!! >> >> But thttpd entry didn't get updated, it still has 2.24 as current version. >> >> -bash-3.00# grep thttpd db_outdated >> "600787","thttpd/","2.2426oct2003","@RUNNING_VER appears to be outdated >> (current is at least @CURRENT_VER)" >> >> -Peter >> >> On 10/12/09 10:57 AM, "Sullo" wrote: >> >>> You're not able to resolve cirt.net, apparently, which is why the >>> update is relying on the IP. The IP in the nikto.conf file is >>> incorrect--it should be 174.142.17.165. If you update that and try the >>> -update again, it should work. >>> >>> I'm not sure that the thttpd banner has been updated, but if you still >>> don't see it properly send me the current version and I'll get it >>> updated. >>> >>> -Sullo >>> >>> On Mon, Oct 12, 2009 at 10:22 AM, Peter Wang wrote: >>>> Hi, >>>> >>>> When running Nikto 2.03 scan, Nikto reported an item of thttpd as below. It >>>> looked like nikto needs an update on this. >>>> >>>> Information ?? thttpd/2.25b29dec2003 appears to be outdated (current is at >>>> least 2.2426oct2003) >>>> >>>> Ran ?nikto -update ? didn?t get through, >>>> >>>> # nikto -update >>>> + ERROR (): Unable to get 209.172.49.178/nikto/UPDATES/2.03/versions.txt >>>> >>>> Let me know if you have update on this issue, >>>> >>>> Thanks, >>>> Peter >>>> >>>> >>>> >>>> _______________________________________________ >>>> Nikto-discuss mailing list >>>> Nikto-discuss at attrition.org >>>> https://attrition.org/mailman/listinfo/nikto-discuss >>>> >>>> >>> >>> >> >> > > From csullo at gmail.com Tue Oct 13 13:49:52 2009 From: csullo at gmail.com (Sullo) Date: Tue, 13 Oct 2009 09:49:52 -0400 Subject: [Nikto-discuss] Nikto needs an update on thttpd? In-Reply-To: References: Message-ID: I've updated the db_outdated with this update and several other user submitted. Run your update again! -Sullo On Tue, Oct 13, 2009 at 9:33 AM, Peter Wang wrote: > 2.25b29dec2003 > > > On 10/13/09 9:23 AM, "Sullo" wrote: > >> What is the current version? >> >> On Mon, Oct 12, 2009 at 1:51 PM, Peter Wang wrote: >>> Hi Sullo, >>> >>> Thank you for reply. Nikto update works now after I specified -useproxy >>> option. I didn't realize it needs to specify -useproxy at 1st try. >>> >>> It received two file's updates as below, >>> >>> -bash-3.00# ./nikto.pl -update -useproxy >>> + Retrieving 'db_tests' >>> + Retrieving 'db_outdated' >>> + www.cirt.net message: Please submit your bugs!! >>> >>> But thttpd entry didn't get updated, it still has 2.24 as current version. >>> >>> -bash-3.00# grep thttpd db_outdated >>> "600787","thttpd/","2.2426oct2003","@RUNNING_VER appears to be outdated >>> (current is at least @CURRENT_VER)" >>> >>> -Peter >>> >>> On 10/12/09 10:57 AM, "Sullo" wrote: >>> >>>> You're not able to resolve cirt.net, apparently, which is why the >>>> update is relying on the IP. The IP in the nikto.conf file is >>>> incorrect--it should be 174.142.17.165. If you update that and try the >>>> -update again, it should work. >>>> >>>> I'm not sure that the thttpd banner has been updated, but if you still >>>> don't see it properly send me the current version and I'll get it >>>> updated. >>>> >>>> -Sullo >>>> >>>> On Mon, Oct 12, 2009 at 10:22 AM, Peter Wang wrote: >>>>> Hi, >>>>> >>>>> When running Nikto 2.03 scan, Nikto reported an item of thttpd as below. It >>>>> looked like nikto needs an update on this. >>>>> >>>>> Information ?? thttpd/2.25b29dec2003 appears to be outdated (current is at >>>>> least 2.2426oct2003) >>>>> >>>>> Ran ?nikto -update ? didn?t get through, >>>>> >>>>> # nikto -update >>>>> + ERROR (): Unable to get 209.172.49.178/nikto/UPDATES/2.03/versions.txt >>>>> >>>>> Let me know if you have update on this issue, >>>>> >>>>> Thanks, >>>>> Peter >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Nikto-discuss mailing list >>>>> Nikto-discuss at attrition.org >>>>> https://attrition.org/mailman/listinfo/nikto-discuss >>>>> >>>>> >>>> >>>> >>> >>> >> >> > > -- http://www.cirt.net | http://www.osvdb.org/ From jabra at spl0it.org Sat Oct 17 20:45:59 2009 From: jabra at spl0it.org (Jabra) Date: Sat, 17 Oct 2009 16:45:59 -0400 Subject: [Nikto-discuss] Nikto::Parser 0.01 - Parse nikto scan data with Perl Message-ID: <20091017204559.GA17599@navi.v2s.org> Hey guys, I just wanted everyone to know that I have released Nikto::Parser on CPAN. Nikto::Parser is a Perl module to parse nikto scan data using XML. Here is an example: my $npx = new Nikto::Parser; my $parser = $npx->parse_file("nikto.xml"); foreach my $h ( $parser->get_all_hosts() ) { print "ip: " . $h->ip . "\n"; foreach my $p ( $h->get_all_ports() ) { print "port: " . $p->port . "\n"; print "banner: " . $p->banner . "\n"; foreach my $i ( $p->get_all_items ) { print "Description:\n" . $i->description . "\n"; } } print "---\n"; } Please use the latest version of Nikto from svn. http://search.cpan.org/~jabra/Nikto-Parser-0.01/lib/Nikto/Parser.pod Comments, suggestions and patches welcome!! Regards, Jabra -- Jabra < jabra at spl0it.org > http://www.spl0it.org From mail at mare-system.de Mon Oct 19 07:47:46 2009 From: mail at mare-system.de (mare-technik) Date: Mon, 19 Oct 2009 09:47:46 +0200 Subject: [Nikto-discuss] nikto-scans / db_test Message-ID: <4ADC19A2.7040807@mare-system.de> hi there, i run nikto against webservers from time to time and i am active @ the snort-community around emerging threats, since these guys are always close to the latest vulnerabilities and very fast in producing sigs for the latest vulns and exploits, i wonder if there's a need to "translate" these sigs for nikto's db_tests to have the vuln of the "major"-apps in the tests. translation must be done manually, but it would be very easy. mex MARE System Kiel .:. http://www.mare-system.de