[Nikto-discuss] Non integer pause times not working as expected

Sullo sullo at cirt.net
Mon Mar 18 18:30:25 CDT 2013 

Well I learned something new--If you 'use' a module and include keywords
(like 'sleep', which we did here) the keywords are only local to that
scope. So essentially a sleep() call inside the eval would have used the
Time::HiRes, but nothing outside.

It's been changed to a require which seems to fix the issue as that is
global. My testing shows the requests quite a bit slower than normal--Dave,
can you confirm (running out of the git repo).

Thanks,
Sullo

On Mon, Mar 18, 2013 at 1:51 PM, Dave Wray <david.wray at sec-tec.co.uk> wrote:

> Hi,****
>
> ** **
>
> I installed Time::HiRes (v1.9725), the module’s path is in my @INC path,
> but I still cannot get this to work.****
>
> ** **
>
> Nikto reports that it is pausing .5 seconds, but the web server log shows
> a much faster rate. Is anyone else able to confirm if they have this
> working as expected? Not just reporting 0.5 seconds pause but actually
> pausing between requests for that time.****
>
> ** **
>
> Anything I can try?****
>
> ** **
>
> Many thanks****
>
> ** **
>
> D****
>
> ** **
>
> ** **
>
> *From:* csullo at gmail.com [mailto:csullo at gmail.com] *On Behalf Of *Sullo
> *Sent:* 17 March 2013 13:02
> *To:* Dave Wray
> *Cc:* Nikto-discuss at attrition.org
> *Subject:* Re: [Nikto-discuss] Non integer pause times not working as
> expected****
>
> ** **
>
> Do you have the TIme::HiRes module installed? If you do, any valid number
>  > 0 should work. For example:****
>
> ** **
>
> sullo$ ./nikto.pl -h localhost -Pause .5****
>
> -***** Pausing .5 second(s) per request *********
>
> ** **
>
> If you don't have Time::HiRes you can still use Pause but you can only use
> whole seconds. This may be what is tripping you up? ****
>
> ** **
>
> Regards,****
>
> Sullo****
>
> ** **
>
> ** **
>
> On Wed, Mar 13, 2013 at 4:55 PM, Dave Wray <david.wray at sec-tec.co.uk>
> wrote:****
>
> All,****
>
>  ****
>
> I’m having trouble setting non-integer pauses times such as 0.5 seconds. *
> ***
>
> Nikto 2.1.5 (fully updated) seems to treat values less than 1 as zero.****
>
>  ****
>
> Thanks in advance.****
>
>  ****
>
> D****
>
>  ****
>
>
> ________________________________________________________________________
> Sec-Tec Ltd, leading specialists in information security professional
> services. Visit http://www.sec-tec.co.uk for more information on our
> services. This e-mail has been scanned for possible virus contamination.
> However, we recommend that all recipients also scan this message.****
>
>
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss****
>
>
>
> ****
>
> ** **
>
> --
>
> http://cirt.net     |      http://richsec.com/ ****
>
> ________________________________________________________________________
> Sec-Tec Ltd, leading specialists in information security professional
> services. Visit http://www.sec-tec.co.uk for more information on our
> services. This e-mail has been scanned for possible virus contamination.
> However, we recommend that all recipients also scan this message.
>
> _______________________________________________
> Nikto-discuss mailing list
> Nikto-discuss at attrition.org
> https://attrition.org/mailman/listinfo/nikto-discuss
>
>


-- 

http://cirt.net     |      http://richsec.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://attrition.org/pipermail/nikto-discuss/attachments/20130318/3f5f1b7e/attachment.html>

More information about the Nikto-discuss mailing list