[Nikto-discuss] change @CGIDIRS
dave at cirt.net
Sat Mar 13 11:02:03 UTC 2010
On Sat, 13 Mar 2010 10:46:24 -0000, John Smith <deaf.c0t at gmail.com> wrote:
> I'd like to know where and how can I change value of arrays @CGIDIRS,
> @MUTATEDIRS, @ADMINS, etc.
> I downloaded current version 2.1.1 and tried to add it to nikto.conf.
They're in plugins/db_variables. Sometimes it's confusing what's where,
but generally stuff that changes how Nikto runs (e.g. plugins directory,
plugin macros, whether to send back strange results etc.) is in
nikto.conf; anything that affects a scan (e.g. password directories, CGI
directories etc) is in plugins/db_variables.
The line is:
@CGIDIRS=/cgi.cgi/ /webcgi/ /cgi-914/ /cgi-915/ /bin/ /cgi/ /mpcgi/
/cgi-bin/ /ows-bin/ /cgi-sys/ /cgi-local/ /htbin/ /cgibin/ /cgis/
/scripts/ /cgi-win/ /fcgi-bin/ /cgi-exe/ /cgi-home/ /cgi-perl/
> perl nikto.pl -Display V -Plugins cgi -host localhost -Cgidirs all
You're using the new "Plugins" option, please note that the above line
will *only* run the cgi plugin and nothing else (which just checks the web
server to see whether the CGI directory exists). I keep meaning to write
up how the Plugins option works and put it on cirt.net; but I'm lazy!
But Plugins is in a development stage at the moment and the version in
trunk may change before the next release.
> Created config.txt (Is it used in 2.1 branch?) with that variables,
> nothing changed
config.txt is pre-2.1.0 - I replaced it with nikto.conf to better match
how other applications work.
More information about the Nikto-discuss