[Nikto-discuss] Nikto plugin for Nessus

Subscriptions subs at qcontinuum.plus.com
Tue May 1 07:33:51 CDT 2012

I'm not sure who is responsible for the nikto.nasl Nessus plugin, but 
since I haven't got a response from Tenable yet, I decided to raise the 
issue here as well.

I recently discovered the Nikto plugin for Nessus and installed it on 
our server running Nessus 5.1. Having followed the configuration steps 
on Tenable's website, I got everything working nicely. About a week ago 
it suddenly stopped working.

I have checked that:

- Nikto runs OK on its own.
- Nikto directory is in the system path.
- Nikto can be called using ..\..\nasl nikto.nasl from the plugins 
- Nikto is enabled in the policy preferences
- The correct policy is being used in the scan template
- web application tests are enabled
- CGI Abuses and CGI Abuses:XSS are enabled, along with service 
detection, settings and web servers
- have also tried with ALL plugins enabled
- Disable if server never replies 404: tried checked and unchecked
- rebooted server to make sure

I cannot see anything in the log showing that the plugin is being run, 
nor can I see a 'perl nikto.pl' process starting while the scan is in 
progress. Although the plugins have been updated via our Professional 
Feed, the nikto.nasl plugin appears to have the same date and appears 
unchanged. I think this may be a Nessus rather than a Nikto issue, so 
apologies if I shouldn't have posted here, but I'm running out of ideas 
and was hoping that someone might have thought of something I haven't.

