From svdb at madison-gurkha.com Fri Apr 15 08:45:17 2011
From: svdb at madison-gurkha.com (Serge van den Boom)
Date: Fri, 15 Apr 2011 15:45:17 +0200 (CEST)
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
Message-ID:

Hi,

Nikto eats characters from stdin, which is undesirable when this is not
a tty. For instance, the following Bourne shell script fragment will not
work:

    generateTargets | while read -r TARGET; do
        nikto.pl -Display V -Format txt -host "$TARGET" -output nikto-"$TARGET".txt
    done

After the first host, one or more characters from the beginning of "$TARGET"
may be cut for the following target.

While it could be argued that the shell script should not rely on
external programs such as nikto leaving stdin alone, the current
behaviour is likely to confuse people, as this is not expected from a
tool which appears to be non-interactive.

Suggested solution:
    Check whether stdin is a tty, and do not read from it if it is not.
    (Alternatively, reopen stdin from /dev/tty.)

Workaround:
    Redirect stdin from /dev/null in the invocation of nikto.pl.

Regards,

Serge van den Boom

From csullo at gmail.com Fri Apr 15 08:53:31 2011
From: csullo at gmail.com (Sullo)
Date: Fri, 15 Apr 2011 09:53:31 -0400
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To:
References:
Message-ID:

On Fri, Apr 15, 2011 at 9:45 AM, Serge van den Boom wrote:
> Nikto eats characters from stdin, which is undesirable when this is not
> a tty. For instance, the following Bourne shell script fragment will not
> work:
>     generateTargets | while read -r TARGET; do
>         nikto.pl -Display V -Format txt -host "$TARGET" -output nikto-"$TARGET".txt
>     done
>
> After the first host, one or more characters from the beginning of "$TARGET"
> may be cut for the following target.

This should work just fine. If characters are being dropped from
$TARGET then it seems like they are getting chopped out from
generateTargets and not inside nikto.
If you preface your nikto.pl line with an 'echo' to see what it's
calling, is $TARGET intact or is it mangled already?

I just tested out your script, replacing generateTargets with a simple
file cat, and it seems to work fine.

-Sullo

--
http://www.cirt.net | http://www.osvdb.org/

From dave at cirt.net Fri Apr 15 09:16:37 2011
From: dave at cirt.net (dave at cirt.net)
Date: Fri, 15 Apr 2011 10:16:37 -0400
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To:
References:
Message-ID: <20110415101637.16393ntuuaf8i2ww@webmail.cirt.net>

Quoting Serge van den Boom:

> Nikto eats characters from stdin, which is undesirable when this is not
> a tty. For instance, the following Bourne shell script fragment will not
> work:
>     generateTargets | while read -r TARGET; do
>         nikto.pl -Display V -Format txt -host "$TARGET" -output nikto-"$TARGET".txt
>     done
>
> After the first host, one or more characters from the beginning of "$TARGET"
> may be cut for the following target.

This is strange - Nikto does read from the tty; but this is directly from
the tty, not from stdin.

The above is also how I run Nikto (except I do the simpler way:)

    for i in $(generateTargets); do nikto -D V -host $i -output nikto-$i.txt;done

If you're running nikto-2.1.3 or later you don't need the -format if you've
got a standard extension (e.g. .html .txt or .xml).

> Suggested solution:
>     Check whether stdin is a tty, and do not read from it if it is not.
>     (Alternatively, reopen stdin from /dev/tty.)
>
> Workaround:
>     Redirect stdin from /dev/null in the invocation of nikto.pl.

This would probably fail on Windows; but I'm interested in the contents of
your generateTargets script to see what's happening.
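
The behaviour reported in this thread, reproduced as an added example (not code from the thread or from Nikto). key_poll is a hypothetical stand-in for a tool that takes one byte from stdin; the three loops show the reported failure, the /dev/null workaround and the suggested tty check. The stand-in uses a blocking read, so the result is the same on every run.

```shell
#!/bin/sh
# Added illustration. key_poll is a hypothetical stand-in for a scanner that
# polls stdin for a keypress; it is not Nikto's code.

# Unconditional poll: takes one byte from whatever stdin happens to be.
key_poll() {
    dd bs=1 count=1 >/dev/null 2>&1
}

# Poll guarded by a terminal check ([ -t 0 ] is the shell's isatty test):
# stdin is left alone unless it is a tty.
key_poll_tty_only() {
    if [ -t 0 ]; then
        dd bs=1 count=1 >/dev/null 2>&1
    fi
}

# Constructed sample input: three identical targets, one per line.
targets() {
    printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n'
}

# As reported: the child inherits the pipe that `read` is consuming.
scan_shared_stdin() {
    targets | while read -r TARGET; do
        printf '%s\n' "$TARGET"
        key_poll
    done
}

# Caller-side workaround: the child gets its own stdin.
scan_stdin_devnull() {
    targets | while read -r TARGET; do
        printf '%s\n' "$TARGET"
        key_poll </dev/null
    done
}

# Tool-side fix: the child checks for a terminal before reading.
scan_tty_guard() {
    targets | while read -r TARGET; do
        printf '%s\n' "$TARGET"
        key_poll_tty_only
    done
}

echo "shared stdin: $(scan_shared_stdin | tr '\n' ' ')"
echo "< /dev/null:  $(scan_stdin_devnull | tr '\n' ' ')"
echo "tty guard:    $(scan_tty_guard | tr '\n' ' ')"
```
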
From svdb at madison-gurkha.com Fri Apr 15 09:53:38 2011
From: svdb at madison-gurkha.com (Serge van den Boom)
Date: Fri, 15 Apr 2011 16:53:38 +0200 (CEST)
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To:
References:
Message-ID:

On Fri, 15 Apr 2011, Sullo wrote:
> On Fri, Apr 15, 2011 at 9:45 AM, Serge van den Boom wrote:
>
>> Nikto eats characters from stdin, which is undesirable when this is not
>> a tty. For instance, the following Bourne shell script fragment will not
>> work:
>>     generateTargets | while read -r TARGET; do
>>         nikto.pl -Display V -Format txt -host "$TARGET" -output nikto-"$TARGET".txt
>>     done
>>
>> After the first host, one or more characters from the beginning of "$TARGET"
>> may be cut for the following target.
>
> This should work just fine. If characters are being dropped from
> $TARGET then it seems like they are getting chopped out from
> generateTargets and not inside nikto. If you preface your nikto.pl
> line with an 'echo' to see what it's calling, is $TARGET intact or is
> it mangled already?
>
> I just tested out your script, replacing generateTargets with a simple
> file cat, and it seems to work fine.

There is no generateTargets script; I just used that as a placeholder
for any command which produces the targets. I can reproduce the issue
using the following oneliner:

    printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n' | while read -r TARGET; do echo TARGET: "$TARGET"; nikto.pl -host "$TARGET" -output nikto-"$TARGET".txt; done

It will first initiate a scan of "127.0.0.1" (as it should), but then
"27.0.0.1". Note the missing "1".
The first "read" will read "127.0.0.1", the second one "27.0.0.1".
With 'set -x' in Bash, the following commands are shown to be executed:

    read -r TARGET
    printf '127.0.0.1\n127.0.0.1\n127.0.0.1'
    echo 127.0.0.1
    nikto.pl -host 127.0.0.1 -output nikto-127.0.0.1.txt
    read -r TARGET
    echo 27.0.0.1
    nikto.pl -host 27.0.0.1 -output nikto-27.0.0.1.txt
    read -r TARGET
    echo 27.0.0.1
    nikto.pl -host 27.0.0.1 -output nikto-27.0.0.1.txt
    read -r TARGET

I should add that this is using Nikto 2.1.4, and that I have seen this
on different operating systems, using different shells. There does
appear to be some timing involved; sometimes the same lines do seem to
work; if you can't reproduce it at first, just try again.

I suspect that the problem lies in the (use of the) readkey function in
plugins/nikto_core.plugin.

On Fri, 15 Apr 2011, dave at cirt.net wrote:
> The above is also how I run Nikto (except I do the simpler way:)
>     for i in $(generateTargets); do nikto -D V -host $i -output nikto-$i.txt;done

I try to avoid such constructs in principle, because this does not
handle white space in lines read well. Though for host names or IP
addresses that should not be a problem.

> If you're running nikto-2.1.3 or later you don't need the -format if you've
> got a standard extension (e.g. .html .txt or .xml).

Noted. Thanks.

> This would probably fail on Windows; but I'm interested in the contents of
> your generateTargets script to see what's happening.

See above.

Regards,

Serge
From dave at cirt.net Tue Apr 19 04:34:07 2011
From: dave at cirt.net (dave at cirt.net)
Date: Tue, 19 Apr 2011 05:34:07 -0400
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To:
References:
Message-ID: <20110419053407.15667rdkd1ehedxc@webmail.cirt.net>

Quoting Serge van den Boom:

> There is no generateTargets script; I just used that as a placeholder
> for any command which produces the targets. I can reproduce the issue
> using the following oneliner:
>     printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n' | while read -r TARGET; do echo TARGET: "$TARGET"; nikto.pl -host "$TARGET" -output nikto-"$TARGET".txt; done

I've raised this as a bug:
http://trac2.assembla.com/Nikto_2/ticket/210#preview

As I'm a bit short of time at the moment I don't have time to fix it fully.
Certainly the description of ReadKey implies that it may read from stdin -
but what I don't get is why it's only reading some characters.

The quickest way to resolve this may just be to add a -batch switch to
disable interactive features, though then you could only quit via CTRL+C.

From svdb at madison-gurkha.com Tue Apr 19 05:11:29 2011
From: svdb at madison-gurkha.com (Serge van den Boom)
Date: Tue, 19 Apr 2011 12:11:29 +0200 (CEST)
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To: <20110419053407.15667rdkd1ehedxc@webmail.cirt.net>
References: <20110419053407.15667rdkd1ehedxc@webmail.cirt.net>
Message-ID:

On Tue, 19 Apr 2011, dave at cirt.net wrote:
> Quoting Serge van den Boom:
>> There is no generateTargets script; I just used that as a placeholder
>> for any command which produces the targets.
>> I can reproduce the issue using the following oneliner:
>>     printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n' | while read -r TARGET; do echo TARGET: "$TARGET"; nikto.pl -host "$TARGET" -output nikto-"$TARGET".txt; done
>
> I've raised this as a bug:
> http://trac2.assembla.com/Nikto_2/ticket/210#preview

You write "or buffer up all of stdin at initiation" in that ticket.
Do you mean that Nikto would read everything that it can from stdin?
I don't see how that would solve anything in a batch run; you can't put
the data back in stdin after Nikto ends.

> As I'm a bit short of time at the moment I don't have time to fix it fully.
> Certainly the description of ReadKey implies that it may read from stdin -
> but what I don't get is why it's only reading some characters.

Now that you mention it, I have actually seen that the scans stop
unexpectedly after scanning a host, which would fit with Nikto eating
all further input. It may have something to do with whether the HTTP
service is accessible at all.
I don't know how Nikto works internally, but if it just checks for a key
before sending a request, and it can't connect at all, then it will only
read a single byte (as long as stdio isn't buffered). So then the next
scan would probably fail too, because the starting digit of the IP
address is eaten, and then a single byte more would be eaten, etc.
But on a successful scan, Nikto would have had the opportunity to eat all
input, and no further scans are performed.

> The quickest way to resolve this may just be to add a -batch switch to
> disable interactive features, though then you could only quit via CTRL+C.

I suspect that most users would not find out about this switch until
things have gone wrong, and it may cost them a lot of time in the
meantime. There is no reason why Nikto would need to read from stdin
when it is not a tty, so a simple isatty() check would be enough.
Regards,

Serge

From dave at cirt.net Tue Apr 19 05:43:10 2011
From: dave at cirt.net (dave at cirt.net)
Date: Tue, 19 Apr 2011 06:43:10 -0400
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To:
References: <20110419053407.15667rdkd1ehedxc@webmail.cirt.net>
Message-ID: <20110419064310.248857avgtygxvs4@webmail.cirt.net>

Quoting Serge van den Boom:

>> I've raised this as a bug:
>> http://trac2.assembla.com/Nikto_2/ticket/210#preview
> You write "or buffer up all of stdin at initiation" in that ticket.
> Do you mean that Nikto would read everything that it can from stdin?
> I don't see how that would solve anything in a batch run; you can't put
> the data back in stdin after Nikto ends.

It was a thought I had whilst writing the bug - as you've said it probably
would break stuff.

>> As I'm a bit short of time at the moment I don't have time to fix
>> it fully. Certainly the description of ReadKey implies that it may
>> read from stdin - but what I don't get is why it's only reading
>> some characters.
> Now that you mention it, I have actually seen that the scans stop
> unexpectedly after scanning a host, which would fit with Nikto eating
> all further input. It may have something to do with whether the HTTP
> service is accessible at all.

That may make sense. Looking further into ReadKey, the default stream seems
to be STDIN; but this may be very platform dependent (hence why Sullo
couldn't reproduce as he's one of them Mac users).

I need to spend some time testing this before I commit anything, as I don't
want to break something on a platform that I can't test myself (e.g. Mac
OS X).

>> The quickest way to resolve this may just be to add a -batch switch
>> to disable interactive features, though then you could only quit
>> via CTRL+C.
> I suspect that most users would not find out about this switch until
> things have gone wrong, and it may cost them a lot of time in the
> meantime.
> There is no reason why Nikto would need to read from stdin
> when it is not a tty, so a simple isatty() check would be enough.

Good point; though of course it may be a user requirement to use the
interactive features whilst doing a loop; hence testing is needed on
at least the big 3 platforms (Windows, Mac and Linux).

For now the only work around I can suggest is to avoid using stdin to
pass stuff as you're doing at the moment (using something like the for
loop I suggested earlier).

From svdb at madison-gurkha.com Tue Apr 19 06:18:50 2011
From: svdb at madison-gurkha.com (Serge van den Boom)
Date: Tue, 19 Apr 2011 13:18:50 +0200 (CEST)
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To: <20110419064310.248857avgtygxvs4@webmail.cirt.net>
References: <20110419053407.15667rdkd1ehedxc@webmail.cirt.net> <20110419064310.248857avgtygxvs4@webmail.cirt.net>
Message-ID:

On Tue, 19 Apr 2011, dave at cirt.net wrote:
>>> The quickest way to resolve this may just be to add a -batch switch to
>>> disable interactive features, though then you could only quit via CTRL+C.
>> I suspect that most users would not find out about this switch until
>> things have gone wrong, and it may cost them a lot of time in the
>> meantime. There is no reason why Nikto would need to read from stdin
>> when it is not a tty, so a simple isatty() check would be enough.
>
> Good point; though of course it may be a user requirement to use the
> interactive features whilst doing a loop; hence testing is needed on
> at least the big 3 platforms (Windows, Mac and Linux).

If you're running Nikto from within a loop in which stdin is redirected,
then you won't have access to the interactive features regardless of how
Nikto treats stdin. And if you run Nikto from within a loop without
redirecting stdin (such as the "for TARGET in ..." construct), then
stdin will be a tty, isatty() will return true, and you can use Nikto's
interactive features as normally.
So running within a loop makes no difference.

But if you really do want to be able to read interactive keyboard
commands from something which is not a tty -- and I don't see a
practical use for this -- then you could always do it the other way
around: Add a command line option to force interactive mode (as Bash'
-i flag).

> For now the only work around I can suggest is to avoid using stdin to
> pass stuff as you're doing at the moment (using something like the for
> loop I suggested earlier).

Starting nikto with "< /dev/null" would do the trick here (on Linux),
while allowing the use of the "while read" structure. Or even
"< /dev/tty", which will keep the interactive features working.

Regards,

Serge

From csullo at gmail.com Tue Apr 19 07:19:10 2011
From: csullo at gmail.com (Sullo)
Date: Tue, 19 Apr 2011 08:19:10 -0400
Subject: [Nikto-discuss] Bug: Nikto eating input from non-tty stdin
In-Reply-To: <20110419064310.248857avgtygxvs4@webmail.cirt.net>
References: <20110419053407.15667rdkd1ehedxc@webmail.cirt.net> <20110419064310.248857avgtygxvs4@webmail.cirt.net>
Message-ID:

On Tue, Apr 19, 2011 at 6:43 AM, wrote:
> That may make sense. Looking further into ReadKey, the default stream seems
> to be STDIN; but this may be very platform dependent (hence why Sullo
> couldn't reproduce as he's one of them Mac users).

After a bit of testing I was actually able to produce it on OSX, so it
may not be that different across POSIX systems. Not sure about
Windows.

Sorry, never got a chance to reply!

--
http://www.cirt.net | http://www.osvdb.org/

From u9721077 at ems.ndhu.edu.tw Wed Apr 27 10:14:46 2011
From: u9721077 at ems.ndhu.edu.tw (u9721077)
Date: Wed, 27 Apr 2011 23:14:46 +0800 (CST)
Subject: [Nikto-discuss] How to modify Nikto as I want?
Message-ID: <1303917286.29613.u9721077@ems.ndhu.edu.tw>

Hi, I am a student from Taiwan. I have a project that have to modify Nikto.
How could I do can let the report save as text file in Linux?
Very very thanks for your help.
Best wish.
PS: I'm sorry for that my English is poor.

From csullo at gmail.com Wed Apr 27 21:26:08 2011
From: csullo at gmail.com (Sullo)
Date: Wed, 27 Apr 2011 22:26:08 -0400
Subject: [Nikto-discuss] How to modify Nikto as I want?
In-Reply-To: <1303917286.29613.u9721077@ems.ndhu.edu.tw>
References: <1303917286.29613.u9721077@ems.ndhu.edu.tw>
Message-ID:

On Wed, Apr 27, 2011 at 11:14 AM, u9721077 wrote:
> Hi, I am a student from Taiwan. I have a project that have to modify Nikto.
> How could I do can let the report save as text file in Linux?

You can just use the -o (output) option with a file name that ends in
".txt", such as:

    -o savefile.txt

--
http://www.cirt.net | http://www.osvdb.org/

From ryandewhurst at gmail.com Thu Apr 28 01:20:20 2011
From: ryandewhurst at gmail.com (ryandewhurst at gmail.com)
Date: Thu, 28 Apr 2011 06:20:20 +0000
Subject: [Nikto-discuss] How to modify Nikto as I want?
Message-ID: <1213064762-1303971619-cardhu_decombobulator_blackberry.rim.net-1607077880-@b16.c11.bise7.blackberry>

    ./nikto.pl --host www.example.com > output.txt

------Original Message------
From: u9721077
Sender: nikto-discuss-bounces at attrition.org
To: nikto-discuss
ReplyTo: u9721077 at ems.ndhu.edu.tw
Subject: [Nikto-discuss] How to modify Nikto as I want?
Sent: Apr 27, 2011 4:14 PM

Hi, I am a student from Taiwan. I have a project that have to modify Nikto.
How could I do can let the report save as text file in Linux?
Very very thanks for your help.

Best wish.
PS: I'm sorry for that my English is poor.
_______________________________________________
Nikto-discuss mailing list
Nikto-discuss at attrition.org
https://attrition.org/mailman/listinfo/nikto-discuss

Sent from my BlackBerry® wireless device