[Nikto-discuss] Bug: Nikto eating input from non-tty stdin
dave at cirt.net
dave at cirt.net
Fri Apr 15 09:16:37 CDT 2011
Quoting Serge van den Boom <svdb at madison-gurkha.com>:
> Nikto eats characters from stdin, which is undesirable when this is not
> a tty. For instance, the following Bourne shell script fragment will not
> work:
> generateTargets | while read -r TARGET; do
> nikto.pl -Display V -Format txt -host "$TARGET" -output
> nikto-"$TARGET".txt
> done
>
> After the first host, one or more characters from the beginning of "$TARGET"
> may be cut for the following target.
This is strange - Nikto does read from the tty; but this is directly
from the tty, not from stdin.
The above is also how I run Nikto (except I do the simpler way:)
for i in $(generateTargets); do nikto -D V -host $i -output nikto-$i.txt;done
If you're running nikto-2.1.3 or later you don't need the -format if
you've got a standard extension (e.g. .html .txt or .xml).
> Suggested solution:
> Check whether stdin is a tty, and do not read from it if it is not.
> (Alternatively, reopen stdin from /dev/tty.)
>
> Workaround:
> Redirect stdin from /dev/null in the invocation of nikto.pl.
This would probably fail on Windows; but I'm interested in the
contents of your generateTargets script to see what's happening.
More information about the Nikto-discuss
mailing list