From lewis at lewisfrancis.com  Thu Feb 24 09:38:56 2011
From: lewis at lewisfrancis.com (lewis francis)
Date: Thu, 24 Feb 2011 10:38:56 -0500
Subject: [Nikto-discuss] -f cancels report exporting
Message-ID: <D690E664-8B99-4C40-B1EF-9B21D71E2ED5@lewisfrancis.com>

Hey all, congrats on getting 2.1.4 out the door.

I see in the docs that -f has been deprecated and its usage now disables all plugins, which are necessary for report exporting. Sadly, this slightly breaks MacNikto, which assumes that a combination of -0 and -f will result in an exported report.

I alway thought -f was a handy feature to have, and can certainly work around the fact that -f scans can no longer be exported, but was curious as to  the thinking behind the deprecation of this feature? Also, may I assume that  future version of Nikto will no longer support -f at all? Might make sense for me to drop findonly support entirely rather than work around the current behavior if so.

Thanks much.

-Lewis



From csullo at gmail.com  Thu Feb 24 09:55:15 2011
From: csullo at gmail.com (Sullo)
Date: Thu, 24 Feb 2011 10:55:15 -0500
Subject: [Nikto-discuss] -f cancels report exporting
In-Reply-To: <D690E664-8B99-4C40-B1EF-9B21D71E2ED5@lewisfrancis.com>
References: <D690E664-8B99-4C40-B1EF-9B21D71E2ED5@lewisfrancis.com>
Message-ID: <AANLkTimciuHpeYwaFuth22hO6bgO+gfo__3VYU=WbELU@mail.gmail.com>

On Thu, Feb 24, 2011 at 10:38 AM, lewis francis <lewis at lewisfrancis.com> wrote:
> Hey all, congrats on getting 2.1.4 out the door.
>
> I see in the docs that -f has been deprecated and its usage now disables all plugins, which are necessary for report exporting. Sadly, this slightly breaks MacNikto, which assumes that a combination of -0 and -f will result in an exported report.
>
> I alway thought -f was a handy feature to have, and can certainly work around the fact that -f scans can no longer be exported, but was curious as to ?the thinking behind the deprecation of this feature? Also, may I assume that ?future version of Nikto will no longer support -f at all? Might make sense for me to drop findonly support entirely rather than work around the current behavior if so.


Right now -f is just an alias to the "proper" -Plugins options, and I
don't see any real reason to complete remove the -f flag (at least at
the moment). Previously, -findonly was its own bit of code which was
just annoying.

In any case, the emulation of -f via -P didn't intentionally or
unintentionally break reporting. Using the -Plugins flags like this...
  -Plugins 'report_csv;report_html;report_text;report_xml;report_nbe;report_msf'

It will create the output file. I need to make some additional tweaks
to get the output too look the same as it currently does (since it
only looks for plugins @@NONE), but this shouldn't be too hard. I'll
add a ticket and get this fixed for 2.1.5. In the meantime, can
MacNikto use the string above to get the output (even though it looks
a bit different)?


-- 

http://www.cirt.net? ?? |? ? ? http://www.osvdb.org/