[Nikto-discuss] Nikto 2.1.2 released
Sullo
csullo at gmail.com
Thu Jul 15 15:18:42 CDT 2010
On Thu, Jul 15, 2010 at 3:29 PM, Justin Klein Keane <justin at madirish.net> wrote:
> I'm writing some new tests and I have a couple of questions. Firstly
> I was wondering if anyone has documentation for the format of the
> db_tests file.
http://cirt.net/nikto2-docs/expanding.html
> Also, I'm adding some new stuff to
> the db_variables file and wondering if that is the best way to add new
> subdirectories to search. So far my additions to db_variables are:
>
> @DRUPAL=/ /drupal/ /drupal5/ /drupal6/ /drupal-6.16/ /drupal-6.17/
This looks fine. Keep in mind that each test will be multiplied into 5
tests with the 5 values you have here, so we always want to make sure
we are sticking with the most common subdirectories for a product
installation.
> I'm still testing these but they seem to work pretty well. I'm going to
> try and work back through some of the recent Drupal vulnerability
> reports and add checks to Nikto. Is there a recommended way to submit
> stuff back to the project? Thanks for any feedback.
You can validate the syntax of your tests with the -dbcheck option
(this will check the main tests as well as the user supplied
databases). You can email any checks directly to me and/or the mailing
list and I'll get them integrated as soon as possible.
Thanks!
--
http://www.cirt.net | http://www.osvdb.org/
More information about the Nikto-discuss
mailing list