[Nikto-discuss] Bug: Nikto eating input from non-tty stdin

Serge van den Boom svdb at madison-gurkha.com
Tue Apr 19 05:11:29 CDT 2011


On Tue, 19 Apr 2011, dave at cirt.net wrote:
> Quoting Serge van den Boom <svdb at madison-gurkha.com>:
>> There is no generateTargets script; I just used that as a placeholder
>> for any command which produces the targets. I can reproduce the issue
>> using the following oneliner:
>>    printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n' | while read -r TARGET; do echo TARGET: "$TARGET"; nikto.pl -host "$TARGET" -output nikto-"$TARGET".txt; done
>
> I've raised this as a bug:
> http://trac2.assembla.com/Nikto_2/ticket/210#preview

You write "or buffer up all of stdin at initiation" in that ticket.
Do you mean that Nikto would read everything that it can from stdin?
I don't see how that would solve anything in a batch run; you can't put
the data back in stdin after Nikto ends.

> As I'm a bit short of time at the moment I don't have time to fix it fully. 
> Certainly the description of ReadKey implies that it may read from stdin - 
> but what I don't get is why it's only reading some characters.

Now that you mention it, I have actually seen that the scans stop
unexpectedly after scanning a host, which would fit with Nikto eating
all further input. It may have something to do with whether the HTTP
service is accessible at all.

I don't know how Nikto works internally, but if it just checks for a key
before sending a request, and it can't connect at all, then it will only
read a single byte (as long as stdio isn't buffered).

So then the next scan would probably fail too, because the starting
digit of the IP address is eaten, and then a single byte more would be
eaten, etc.

But on a successful scan, Nikto would have had the opportunity to eat all
input, and no further scans are performed.

> The quickest way to resolve this may just be to add a -batch switch to 
> disable interactive features, though then you could only quit via CTRL+C.

I suspect that most users would not find out about this switch until
things have gone wrong, and it may cost them a lot of time in the
meantime. There is no reason why Nikto would need to read from stdin
when it is not a tty, so a simple isatty() check would be enough.


Regards,

Serge
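
The behaviour discussed in this message, as an added example that is not part of the original post and is not Nikto code: a stand-in scanner that reads stdin unconditionally ends a while-read batch after the first target, while one that only touches stdin when it is a terminal lets the batch finish. The function names, the 127.0.0.x targets and the </dev/null workaround are assumptions made for the illustration.

```shell
#!/bin/sh
# Stand-in for a scanner that polls stdin for keypresses (hypothetical).
# It reads stdin unconditionally, so it drains the pipe feeding the loop.
greedy_scan() {
    cat >/dev/null              # consumes everything left on inherited stdin
    echo "scanned $1"
}

# Same stand-in with the check proposed above: only use stdin if it is a tty.
guarded_scan() {
    if [ -t 0 ]; then           # shell equivalent of isatty(0)
        :                       # interactive key handling would go here
    fi
    echo "scanned $1"
}

# Feed three constructed targets through a while-read loop and print how
# many scans completed. $1 is the name of the scan function to call.
run_batch() {
    printf '127.0.0.1\n127.0.0.2\n127.0.0.3\n' |
    while read -r TARGET; do
        "$1" "$TARGET"
    done | grep -c '^scanned'
}

# Caller-side workaround (an assumption, not from the thread): give the
# child its own stdin so it cannot reach the target list.
run_batch_devnull() {
    printf '127.0.0.1\n127.0.0.2\n127.0.0.3\n' |
    while read -r TARGET; do
        greedy_scan "$TARGET" </dev/null
    done | grep -c '^scanned'
}

echo "greedy scanner:          $(run_batch greedy_scan) of 3 targets scanned"
echo "tty-guarded scanner:     $(run_batch guarded_scan) of 3 targets scanned"
echo "greedy with </dev/null:  $(run_batch_devnull) of 3 targets scanned"
```

A batch that silently stops after one host leaves the remaining targets unscanned, so comparing the number of output files against the number of targets is a cheap check after any piped run.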


