[Nikto-discuss] Disabling interactive question

Vlatko Kosturjak kost at linux.hr
Tue Sep 7 10:42:49 CDT 2010 

I think "-ask no" should be default option for nikto. It breaks any
other utility which calls nikto as well (for example, OpenVAS) or any
automatic script which somebody made to automatize his/their scans.

Problem is also to put "-ask no" in code which calls nikto as someone
might have older nikto (as part of Linux distribution).

My $0.02,

On 09/07/2010 05:06 PM, Frank Breedijk wrote:
> Shoot, first line of nikto -Help output (I typed -help again).
> 
> I should have looked at the code... Will make it part of the code.
> 
> Thanks Jabra!
> 
> Frank Breedijk
> ..-. .-. .- -. -.-
> T: +31 (0)20-7506500 E: fbreedijk at schubergphilis.com W: www.schubergphilis.com
> 
> 
> -----Original Message-----
> From: Sullo [mailto:csullo at gmail.com] 
> Sent: 07 September 2010 16:52
> To: Jabra
> Cc: Frank Breedijk; nikto-discuss at attrition.org
> Subject: Re: [Nikto-discuss] Disabling interactive question
> 
> Or you could just use '-ask no' (or yes/auto)... :-)
> 
> 
> On Tue, Sep 7, 2010 at 10:44 AM, Jabra <jabra at spl0it.org> wrote:
>> Using: echo "yes" will only pass one instance of "yes" to nikto if it 
>> asks for user input.
>>
>> Using: yes | nikto would pass as many "yes" inputs until nikto 
>> completes.
>>
>> Regards,
>> Jabra
>>
>> On 07.Sep.2010 04:40PM +0200, Frank Breedijk wrote:
>>> I can see it is still morning there and end of workday here ;)
>>> Yes|nikto ... will work. Nikto does take y for an answer.
>>>
>>> Frank Breedijk
>>> ..-. .-. .- -. -.-
>>> T: +31 (0)20-7506500 E: fbreedijk at schubergphilis.com W: 
>>> www.schubergphilis.com
>>>
>>>
>>> -----Original Message-----
>>> From: Jabra [mailto:jabra at spl0it.org]
>>> Sent: 07 September 2010 16:38
>>> To: Frank Breedijk
>>> Cc: Jabra; nikto-discuss at attrition.org
>>> Subject: Re: [Nikto-discuss] Disabling interactive question
>>>
>>> I'm not seeing such an option...
>>>
>>>
>>> Not to be too picky shouldn't it be 'yes yes |nikto' ?
>>>
>>>
>>> Regards,
>>> Jabra
>>>
>>>
>>>
>>> On 07.Sep.2010 04:30PM +0200, Frank Breedijk wrote:
>>>> I know, however, it is a bit impractical to have to check if this is present, especially as I don't know where the configuration file will be in the system. Is there a command line option to disable it?
>>>>
>>>> The following will do the trick, but feels like cheating:
>>>> echo y | nikto .....
>>>>
>>>> Frank Breedijk
>>>> ..-. .-. .- -. -.-
>>>> T: +31 (0)20-7506500 E: fbreedijk at schubergphilis.com W:
>>>> www.schubergphilis.com
>>>>
>>>> -----Original Message-----
>>>> From: Jabra [mailto:jabra at spl0it.org]
>>>> Sent: 07 September 2010 16:29
>>>> To: Frank Breedijk
>>>> Cc: nikto-discuss at attrition.org
>>>> Subject: Re: [Nikto-discuss] Disabling interactive question
>>>>
>>>> There is an option in the nikto.conf to not ask the user if they 
>>>> want to send updates to cirt.net
>>>>
>>>> Regards,
>>>> Josh
>>>>
>>>> On 07.Sep.2010 04:24PM +0200, Frank Breedijk wrote:
>>>>> When there is a mismatch between the server signature and the signature on file, Nikto asks you to submit it. Is there a way to disable this prompt ? Since I run nikto from Seccubus I need to make sure it finishes and not spends forever waiting for user input.
>>>>>
>>>>>
>>>>> *****************************************************************
>>>>> ***
>>>>> *
>>>>>       Portions of the server's ident string (Apache/2.2.9) are 
>>>>> not in
>>>>>       the Nikto database or is newer than the known string. Would 
>>>>> you like
>>>>>       to submit this information (*no server specific data*) to 
>>>>> CIRT.net
>>>>>       for a Nikto update (or you may email to sullo at cirt.net) (y/n)?
>>>>>
>>>>> Kind regards,
>>>>> Frank Breedijk
>>>>>
>>>>>
>>>>> Schuberg Philis
>>>>> Boeing Avenue 271
>>>>> 1119 PD Schiphol-Rijk
>>>>> schubergphilis.com
>>>>>
>>>>> +31 20 750 65 38
>>>>> +31 6 4382 2637
>>>>> _______________________________________________
>>>>> Nikto-discuss mailing list
>>>>> Nikto-discuss at attrition.org
>>>>> https://attrition.org/mailman/listinfo/nikto-discuss
>>>>
>>>> --
>>>> Jabra < jabra at spl0it.org >
>>>> http://www.spl0it.org
>>>
>>> --
>>> Jabra < jabra at spl0it.org >
>>> http://www.spl0it.org
>>
>> --
>> Jabra < jabra at spl0it.org >
>> http://www.spl0it.org
>> _______________________________________________
>> Nikto-discuss mailing list
>> Nikto-discuss at attrition.org
>> https://attrition.org/mailman/listinfo/nikto-discuss
>>
> 
> 
>

More information about the Nikto-discuss mailing list