[Nikto-discuss] Disabling interactive question
Sullo
csullo at gmail.com
Tue Sep 7 10:54:21 CDT 2010
On Tue, Sep 7, 2010 at 11:42 AM, Vlatko Kosturjak <kost at linux.hr> wrote:
> I think "-ask no" should be default option for nikto. It breaks any
> other utility which calls nikto as well (for example, OpenVAS) or any
> automatic script which somebody made to automatize his/their scans.
My concern with that is because we get a lot of updated versions for
db_outdated this way. I'm not sure what setting it to 'no' would do to
that, but in the end all the users would suffer (I think) from less
data being submitted. I'd be curious to see what others think about
this.
> Problem is also to put "-ask no" in code which calls nikto as someone
> might have older nikto (as part of Linux distribution).
nikto-2.1.2 is the first to include the -ask option (previously it was
just PROMPTS in the config file). I tested 2.00 (2.0.0) and if you
supply -ask it just prints an error about it being unknown but
continues execution, so I don't think this should be a problem.
>
> My $0.02,
Much appreciated.
I wonder if when it prompts it should include a quick note as to how
to disable prompting? Would that be a help, at least?
----
http://www.cirt.net | http://www.osvdb.org/
More information about the Nikto-discuss
mailing list