[Nikto-discuss] Bug: Nikto eating input from non-tty stdin
Serge van den Boom
svdb at madison-gurkha.com
Fri Apr 15 09:53:38 CDT 2011
On Fri, 15 Apr 2011, Sullo wrote:
> On Fri, Apr 15, 2011 at 9:45 AM, Serge van den Boom
> <svdb at madison-gurkha.com> wrote:
>
>> Nikto eats characters from stdin, which is undesirable when this is not
>> a tty. For instance, the following Bourne shell script fragment will not
>> work:
>>     generateTargets | while read -r TARGET; do
>>         nikto.pl -Display V -Format txt -host "$TARGET" -output nikto-"$TARGET".txt
>>     done
>>
>> After the first host, one or more characters from the beginning of "$TARGET"
>> may be cut for the following target.
>
> This should work just fine. If characters are being dropped from
> $TARGET then it seems like they are getting chopped out from
> generateTargets and not inside nikto. If you preface your nikto.pl
> line with an 'echo' to see what it's calling, is $TARGET intact or is
> it mangled already?
>
> I just tested out your script, replacing generateTargets with a simple
> file cat, and it seems to work fine.

There is no generateTargets script; I just used that as a placeholder
for any command which produces the targets. I can reproduce the issue
using the following oneliner:

    printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n' | while read -r TARGET; do echo TARGET: "$TARGET"; nikto.pl -host "$TARGET" -output nikto-"$TARGET".txt; done

It will first initiate a scan of "127.0.0.1" (as it should), but then
"27.0.0.1". Note the missing "1".
The first "read" will read "127.0.0.1", the second one "27.0.0.1".

With 'set -x' in Bash, the following commands are shown to be executed:

    read -r TARGET
    printf '127.0.0.1\n127.0.0.1\n127.0.0.1'
    echo 127.0.0.1
    nikto.pl -host 127.0.0.1 -output nikto-127.0.0.1.txt
    read -r TARGET
    echo 27.0.0.1
    nikto.pl -host 27.0.0.1 -output nikto-27.0.0.1.txt
    read -r TARGET
    echo 27.0.0.1
    nikto.pl -host 27.0.0.1 -output nikto-27.0.0.1.txt
    read -r TARGET

I should add that this is using Nikto 2.1.4, and that I have seen this on
different operating systems, using different shells.

There does appear to be some timing involved; sometimes the same lines
do seem to work; if you can't reproduce it at first, just try again.

I suspect that the problem lies in the (use of the) readkey function in
plugins/nikto_core.plugin.

On Fri, 15 Apr 2011, dave at cirt.net wrote:
> The above is also how I run Nikto (except I do the simpler way:)
> for i in $(generateTargets); do nikto -D V -host $i -output nikto-$i.txt;done

I try to avoid such constructs in principle, because this does not
handle white space in lines read well. Though for host names or IP
addresses that should not be a problem.

> If you're running nikto-2.1.3 or later you don't need the -format if you've
> got a standard extension (e.g. .html .txt or .xml).

Noted. Thanks.

> This would probably fail on Windows; but I'm interested in the contents of
> your generateTargets script to see what's happening.

See above.

Regards,

Serge
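
Added example, not part of the original message and not Nikto code: the loop from the report run against a stand-in scanner, showing the stolen byte and two ways to keep a child process away from the input the loop is reading. The names fake_scanner, targets and scan_* are hypothetical, and the stand-in always consumes exactly one byte from stdin, whereas the report describes timing-dependent behaviour.

```shell
#!/bin/sh
# Constructed stand-in for a scanner that polls stdin for a keypress while
# it runs: it consumes exactly one byte from whatever stdin it inherited.
fake_scanner() {
    dd bs=1 count=1 >/dev/null 2>&1
    printf 'scanned %s\n' "$1"
}

# Constructed target list, same three lines as in the report.
targets() { printf '127.0.0.1\n127.0.0.1\n127.0.0.1\n'; }

# Problem case: the child inherits the pipe that "read" is consuming,
# so every byte it takes is missing from the next target.
scan_unsafe() {
    targets | while read -r TARGET; do
        fake_scanner "$TARGET"
    done
}

# Workaround 1: give the child an empty stdin of its own.
scan_devnull() {
    targets | while read -r TARGET; do
        fake_scanner "$TARGET" </dev/null
    done
}

# Workaround 2: move the target list to fd 3 for the whole loop, leave
# stdin pointing at /dev/null, and close fd 3 for the child as well.
scan_fd3() {
    targets | while read -r TARGET <&3; do
        fake_scanner "$TARGET" 3<&-
    done 3<&0 </dev/null
}

echo "inherited stdin:";  scan_unsafe
echo "stdin </dev/null:"; scan_devnull
echo "targets on fd 3:";  scan_fd3
```

Comparing each target echoed before the scan with the input list, as the 'set -x' trace above does, is a quick way to spot a scan that ran against a truncated host.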