[Nikto-discuss] -f cancels report exporting

Lewis Francis lewis at lewisfrancis.com
Sun Mar 6 21:11:06 CST 2011 

Thanks Sullo, I'll check it out. Meanwhile I've posted MacNikto 1.2 with Nikto 2.1.4 support. Thanks again for your help.

BTW, Doug Nomura supposedly gave a shout-out to MacNikto and Nikto at his MacWorld 2011 security session. I wasn't there to confirm but he contacted me prior to the session to answer a couple questions. 

Cheers,
-Lewis

On Mar 5, 2011, at 10:34 PM, Sullo wrote:

> This is now fixed, and I'm closing ticket #207. -findonly is still an
> alias to the proper Plugins flags, with reporting enabled. The output
> tweaks to emulate the old output have been updated to match the new
> findonly alias.
> 
> As far as I can tell, this now looks exactly like it did in versions
> 2.1.3 and below... if not please let me know.
> 
> -Sullo
> 
> 
> On Tue, Mar 1, 2011 at 1:55 PM, lewis francis <lewis at lewisfrancis.com> wrote:
>> Bah, I had my subscription set to digest. Thanks much, that will work nicely
>> as a -f replacement for MacNikto/Nikto 2.1.4. Now, if only I can figure out
>> how to get Xcode up and running again.
>> 
>> On Thu, Feb 24, 2011 at 10:38 AM, lewis francis <lewis at lewisfrancis.com>
>> wrote:
>>> Hey all, congrats on getting 2.1.4 out the door.
>>> 
>>> I see in the docs that -f has been deprecated and its usage now disables
>>> all plugins, which are necessary for report exporting. Sadly, this slightly
>>> breaks MacNikto, which assumes that a combination of -0 and -f will result
>>> in an exported report.
>>> 
>>> I alway thought -f was a handy feature to have, and can certainly work
>>> around the fact that -f scans can no longer be exported, but was curious as
>>> to  the thinking behind the deprecation of this feature? Also, may I assume
>>> that  future version of Nikto will no longer support -f at all? Might make
>>> sense for me to drop findonly support entirely rather than work around the
>>> current behavior if so.
>> 
>> 
>> Right now -f is just an alias to the "proper" -Plugins options, and I
>> don't see any real reason to complete remove the -f flag (at least at
>> the moment). Previously, -findonly was its own bit of code which was
>> just annoying.
>> 
>> In any case, the emulation of -f via -P didn't intentionally or
>> unintentionally break reporting. Using the -Plugins flags like this...
>>  -Plugins
>> 'report_csv;report_html;report_text;report_xml;report_nbe;report_msf'
>> 
>> It will create the output file. I need to make some additional tweaks
>> to get the output too look the same as it currently does (since it
>> only looks for plugins @@NONE), but this shouldn't be too hard. I'll
>> add a ticket and get this fixed for 2.1.5. In the meantime, can
>> MacNikto use the string above to get the output (even though it looks
>> a bit different)?
>> 
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Nikto-discuss mailing list
>> Nikto-discuss at attrition.org
>> https://attrition.org/mailman/listinfo/nikto-discuss
>> 
>> 
> 
> 
> 
> -- 
> 
> http://www.cirt.net     |      http://www.osvdb.org/

More information about the Nikto-discuss mailing list