From gau.29486 at gmail.com Thu Aug 5 09:48:13 2010 From: gau.29486 at gmail.com (Gaurang Shukla) Date: Thu, 5 Aug 2010 09:48:13 -0500 Subject: [Nikto-discuss] Help Fixing a Bug Message-ID: Hi All, I have a perl script which runs nitko every night on my network and updates the results to a database. I have created a cronjob for the purpose. But it seems to be having problems with the Bug 515871 - Nikto broken package. I get the following error: - ERROR: Unable to open config file 'config.txt' (No such file or directory), only 1 CGI directory defined. I tried to fix the bug using the first solution given on bugzilla (making changes to EXECDIR). My nikto runs when I give the command in /nikto folder, but my perl script is giving the same error. (I use backticks operator to run nikto in my perl script) Also, I am not able to understand bug fix given in the attachment. How exactly am I supposed to do that, and which file? -- -Gaurang -------------- next part -------------- An HTML attachment was scrubbed... URL: From dave at cirt.net Thu Aug 5 10:54:53 2010 From: dave at cirt.net (dave at cirt.net) Date: Thu, 05 Aug 2010 11:54:53 -0400 Subject: [Nikto-discuss] Help Fixing a Bug In-Reply-To: References: Message-ID: <20100805115453.7zlp933lwkso8k4o@webmail.sullo.com> Quoting Gaurang Shukla : > I have a perl script which runs nitko every night on my network and > updates the results to a database. I have created a cronjob for the purpose. > But it seems to be having problems with the Bug 515871 - Nikto broken > package. After doing some digging - you're running the packaged version of Nikto 2.03 on Fedora? First off, 2.03 is a few years old and many things have changed since then. The current stable version is 2.1.2, it may be worth getting the Fedora guys to repackage it. > I get the following error: > > - ERROR: Unable to open config file 'config.txt' (No such file or > directory), only 1 CGI directory defined. This error means that it cannot find the configuration file (config.txt). Which Nikto 2.03 expected to be in the current directory. I don't actually have a copy of Nikto 2.03 to check on, but there should be a line in the first few lines of nikto.pl which points to where the config.txt file should be. It'll be something like: $NIKTO{'configfile'} = "config.txt"; Then, in the configfile you should see lines like: #EXECDIR=/usr/local/nikto If you uncomment this and alter it to the parent location of the plugins directory, then all should be spanky. I would seriously advise updating to 2.1.2, as lots of new things have been added. From sullo at cirt.net Sun Aug 8 21:29:48 2010 From: sullo at cirt.net (Sullo) Date: Sun, 8 Aug 2010 22:29:48 -0400 Subject: [Nikto-discuss] behind a proxy? care to test? Message-ID: Anyone with this situation: - behind a proxy - can't resolve external names who might be able to test out the update code I just checked in? Here's a direct download link: http://trac2.assembla.com/Nikto_2/changeset/495/trunk?old_path=%2F&format=zip Just looking for someone to try with "-useproxy -update" and see if it works/fails. The key here is that you *cannot* resolve external names... Thanks, Sullo -- http://www.cirt.net? ?? |? ? ? http://www.osvdb.org/ From sullo at cirt.net Sun Aug 8 22:03:09 2010 From: sullo at cirt.net (Sullo) Date: Sun, 8 Aug 2010 23:03:09 -0400 Subject: [Nikto-discuss] behind a proxy? care to test? In-Reply-To: References: Message-ID: Nevermind, got it sorted with Burp and dns config changes. Thanks. On Sun, Aug 8, 2010 at 10:29 PM, Sullo wrote: > Anyone with this situation: > - behind a proxy > - can't resolve external names > > who might be able to test out the update code I just checked in? > > Here's a direct download link: > http://trac2.assembla.com/Nikto_2/changeset/495/trunk?old_path=%2F&format=zip > > Just looking for someone to try with "-useproxy -update" and see if it > works/fails. The key here is that you *cannot* resolve external > names... > > Thanks, > Sullo > > -- > > http://www.cirt.net? ?? |? ? ? http://www.osvdb.org/ > -- http://www.cirt.net? ?? |? ? ? http://www.osvdb.org/