[Nikto-discuss] Recent changes in trunk
David Lodge
dave at cirt.net
Sat Aug 1 11:37:59 UTC 2009
To fix the reporting bug I created earlier that was found by Jabra, I've
made some massive changes to the way Nikto handles targets and reporting.
A quick synopsis is below:
* Nikto will now work out and assign "marks" (the variable target had
already been used :-) before it starts scanning
* Nikto will call reporter plugins for each item found
* Nikto will no longer use nmap to portscan ports
How you will see this when running nikto is that the inputs to -host and
-port have been changed. You used to be able to supply:
nikto.pl -host <file>
nikto.pl -host <url>
nikto.pl -host "hostname1 hostname2" -port 80-81
This now looks like:
nikto.pl -host hostname1,file,url -port port1,port2
Where the host list can be any number of hosts, urls or files containing
hosts or urls. If ports are supplied they are applied to all hosts/urls
which don't already have ports.
For example if we have the files host1.txt containing:
http://fred/
jim:8081
And host2.txt containing:
http://shelia:89/
Then we can do:
nikto.pl -host host1.txt,host2.txt,arabella -port 80,443
This will set the marks as:
http://fred:80
https://fred:443
http://jim:8081
http://shelia:89
http://arabella:80
https://arabella:443
I ended up removing nmap from the code, as this was only used in certain
cases as a prelude to a test that Nikto would do anyway. This removes
some functionality that would allow Nikto to do a portscan. In my opinion,
Nikto shouldn't be doing portscans, nmap (or your favourite portscanner)
can do a much better job than Nikto can do and I'd rather take a feed from
nmap, rather than have Nikto spawn nmap, so instead of doing:
nikto.pl -host 192.168.0.0/24 -port 80,443,8000-9000
We should do:
nmap -p80,443,8000-9000 192.168.0.0/24 -oG - | nikto.pl -host -
Nikto can already do the second. Should Nikto do the first? I certainly
don't use it like this, but is this how other people use it?
Finally reporting is now done on the fly, so items are written to the
report as they're found. This means that you can now CTRL+C in the middle
of a scan and not lose your results (this is a big positive for me).
It will not, though, write the host and file closing statements for the HTML
or XML report types.
Comments/opinions?
dave
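The "mark" expansion rules from the mail above (hosts, URLs and files mixed in -host, -port applied only to entries without a port) and the nmap -oG feed that replaces Nikto's own portscan, written out as an added example in Python. This is not Nikto's code (Nikto is Perl) and it makes a few assumptions the mail does not spell out: the sample files are an in-memory dict standing in for host1.txt/host2.txt on disk, port 443 implies https and any other port http, and a host with no port and no -port list defaults to port 80.

```python
# Added example (not Nikto's own code): re-implements the target ("mark")
# expansion described in the Nikto-discuss mail, plus a parser for nmap
# grepable output (-oG) so nmap can feed Nikto instead of Nikto spawning nmap.
import re

# Constructed sample files standing in for host1.txt / host2.txt on disk.
SAMPLE_FILES = {
    "host1.txt": "http://fred/\njim:8081\n",
    "host2.txt": "http://shelia:89/\n",
}

# Constructed sample of `nmap -p80,443,8000-9000 -oG - 192.168.0.0/24` output.
# Fields in the Ports: list are port/state/proto/owner/service/rpc/version/.
NMAP_OG_SAMPLE = (
    "# Nmap 5.00 scan initiated Sat Aug  1 12:00:00 2009 as: nmap -p80,443,8000-9000 -oG - 192.168.0.0/24\n"
    "Host: 192.168.0.10 ()\tStatus: Up\n"
    "Host: 192.168.0.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///, "
    "8080/closed/tcp//http-proxy///\tIgnored State: filtered (999)\n"
    "Host: 192.168.0.20 (intranet)\tPorts: 8000/open/tcp//http-alt///\n"
    "# Nmap done at Sat Aug  1 12:00:05 2009 -- 256 IP addresses (2 hosts up) scanned in 5.00 seconds\n"
)

URL_RE = re.compile(r"^(https?)://([^/:]+)(?::(\d+))?(?:/.*)?$")


def parse_spec(spec):
    """Split one -host entry into (scheme, host, port); scheme/port may be None."""
    m = URL_RE.match(spec)
    if m:
        scheme, host, port = m.groups()
        return scheme, host, (int(port) if port else None)
    host, sep, port = spec.rpartition(":")
    if sep and port.isdigit():  # bare host:port form such as jim:8081
        return None, host, int(port)
    return None, spec, None


def scheme_for(port, explicit_scheme=None):
    # Assumption: 443 means SSL, anything else plain HTTP, unless the URL
    # itself carried a scheme together with an explicit port.
    if explicit_scheme:
        return explicit_scheme
    return "https" if port == 443 else "http"


def expand_marks(host_args, port_args="", files=SAMPLE_FILES):
    """Expand comma-separated -host and -port values into scheme://host:port marks."""
    specs = []
    for item in host_args.split(","):
        if item in files:  # real code would test the filesystem; this is a constructed map
            specs.extend(l.strip() for l in files[item].splitlines() if l.strip())
        else:
            specs.append(item)
    ports = [int(p) for p in port_args.split(",") if p] or [80]  # assumption: default 80
    marks = []
    for spec in specs:
        scheme, host, port = parse_spec(spec)
        if port is not None:
            # Entry already has a port: leave it alone, as the mail says.
            marks.append(f"{scheme_for(port, scheme)}://{host}:{port}")
        else:
            # No port given: apply every -port value; scheme follows the port,
            # which is why http://fred/ becomes https://fred:443 in the mail.
            for p in ports:
                marks.append(f"{scheme_for(p)}://{host}:{p}")
    return marks


def targets_from_nmap_grepable(text):
    """Return host:port specs for every open TCP port in nmap -oG output."""
    specs = []
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[1] == "open" and fields[2] == "tcp":
                specs.append(f"{host}:{fields[0]}")
    return specs


if __name__ == "__main__":
    # The example from the mail: -host host1.txt,host2.txt,arabella -port 80,443
    for mark in expand_marks("host1.txt,host2.txt,arabella", "80,443"):
        print(mark)
    # The nmap pipeline: open ports already carry their port, so -port is not needed.
    for mark in expand_marks(",".join(targets_from_nmap_grepable(NMAP_OG_SAMPLE))):
        print(mark)
```

Feeding nmap output this way keeps the scanner and the web checker separate: nmap decides which ports are open and Nikto only ever sees host:port pairs, which is exactly the division of labour the mail argues for.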