[Nikto-discuss] Encoding in xml output
Erik Stephens
erik at edgeos.com
Tue Mar 30 19:44:36 UTC 2010
On 3/29/10 8:36 AM, david lodge wrote:
> I'm interested in which malformed bits you found though - we should be
> trapping anything that can have strange characters within CDATA tags,
> anything else that gets through is a bug. Some redacted samples would
> be useful (or a copy and paste of the bad bit).
One bad byte I found was 0xca, as in:
"""
I n c . ca C o n t e n t S e r v e r
"""
Looks like 0xca is an E with circumflex in iso-8859-1 and the start of a
two-byte character in utf-8. Doesn't look like valid utf-8. I'm using
this as a reference:
http://en.wikipedia.org/wiki/Utf-8#Description
> IIRC, perl 5.6+, like python, uses UTF-8 internally. This is a pretty
> moot point at the moment as the databases and messages only use ASCII
> codes from<127. I'd go with UTF-8 to be safe :-)
I'm seeing this byte in plugins/db_tests (the ContentServer on), so
maybe it was just a typo and simpler to edit that file?
-Erik
More information about the Nikto-discuss
mailing list