[Nikto-discuss] Nikto 2.02 SSL Scan won't work
Jon Hart
jhart at spoofed.org
Wed Apr 2 08:02:43 UTC 2008
On Tue, Apr 01, 2008 at 07:45:16PM -0400, Sullo wrote:
> Has this happened on multiple targets from the same scanning machine?
> Has it happened from the same scanning machine against multiple targets?
> Do IPs vs names make any difference? what if you force the vhost with -v?
>
> Frank could be on to something here, but I would think the problem would
> be more widely seen if that line is the problem...
When I've seen this happen, the vhost option and trying hostnames and
IPs did not seem to have an effect. Similarly, SSL certs signed by
a trusted, untrusted or self-signed don't seem to matter either.
Run in debug mode, I get this:
D: - $whisker->error Error sending request to server: Could not send
entire data queue
If you track that down, it is coming from LW.pm. Slap some debug code
into LW.pm, and you'll instead see this:
D: - $whisker->error Error sending request to server: Could not send
entire data queue (err=SSL_write 1047: 1 - error:140D5042:SSL
routines:SSL3_CTRL:called a function you should not call
This seems to be a bug in LW, but not in LW2. See:
http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/2006-May/000760.html
And:
http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/2006-May/000762.html
This workaround is in there.
-jon
More information about the Nikto-discuss
mailing list