From csullo at gmail.com Sat Jul 2 07:15:37 2011
From: csullo at gmail.com (Sullo)
Date: Sat, 2 Jul 2011 08:15:37 -0400
Subject: [Nikto-discuss] multi port, multi server scanning
In-Reply-To: <0B3C441220CB76478711EA030584A61BDB32072F86@JIF.infogressive.local>
References: <0B3C441220CB76478711EA030584A61BDB32072F86@JIF.infogressive.local>
Message-ID: <835161B3-8E03-466A-9ABB-EC8E10210AA8@gmail.com>

Sorry for not responding sooner, this got lost in my inbox.

Despite major memory usage enhancements by David, it's still one of the larger challenges when using nikto against a long list of hosts/ports. You can try using the nocache option to reduce the amount of data stored, but you might be better off trying to break up the scan into smaller chunks.

-Sullo

Sent from my iPhone

On May 27, 2011, at 1:58 PM, Tristan Lawson wrote:

> Good day fellow nikto users,
>
> I am in need of some assistance, I have been trying to get nikto to accept a list of servers to scan on port 80 and it works until it gets to about 15 servers and then it quits. It doesn't matter if I use a provided list or use nmap live output, it does not work. I have also tried tweaking global perl settings involved in allocation of memory and processing time, and it has made no difference. The system is an intel core 2 duo with 3 GB of DDR2 RAM.
>
> Any help or advice would be very appreciated.
>
> Thanks
>
> Tristan Lawson | Senior Information Security Consultant
> CISSP, OSCP, C|EH, E|CSA, C|HFI, GWAPT, GCIH, GISP, GSEC
> FCNSP, JNCIA, JNCIA-FWV, MCSE Security, A+, Net+, Server+, Security+
> Office: 402-261-0123 x101 | Email: tristan.lawson at infogressive.com
> Infogressive, Inc. | Aggressive Information Security | http://www.infogressive.com

From Marcliste at gmx.de Mon Jul 4 04:08:31 2011
From: Marcliste at gmx.de (Marc Hansen)
Date: Mon, 4 Jul 2011 11:08:31 +0200
Subject: [Nikto-discuss] An question to Nikto
Message-ID: <201107041108.31676.Marcliste@gmx.de>

Hi,
may Nikto2 damage a Database/Website, while performing a test?

I try to calculate the risk of a scan.

Thank you
Marc

From resident.deity at gmail.com Mon Jul 4 12:39:36 2011
From: resident.deity at gmail.com (a)
Date: Mon, 4 Jul 2011 18:39:36 +0100
Subject: [Nikto-discuss] An question to Nikto
In-Reply-To: <201107041108.31676.Marcliste@gmx.de>
References: <201107041108.31676.Marcliste@gmx.de>
Message-ID:

I've run nikto on thousands of web servers and never had an integrity or confidentiality issue. None of the checks attempt to insert or alter data.

Availability on the other hand, nikto, during its running time, will issue around 6000 calls to the web server. Most servers can easily cope with this, but I have seen some which have problems.

On Jul 4, 2011 10:08 AM, "Marc Hansen" wrote:
> Hi,
> may Nikto2 damage a Database/Website, while performing a test?
>
> I try to calculate the risk of an scan.
>
> Thank you
> Marc

From wkwang at cisco.com Sun Jul 10 19:56:23 2011
From: wkwang at cisco.com (Peter Wang)
Date: Sun, 10 Jul 2011 20:56:23 -0400
Subject: [Nikto-discuss] How to disable prompt to send database update?
Message-ID:

Hi all,

We have an automated wrapper script to run Nikto scan. It has been running fine in most scenarios. But recently a Nikto scan ran into a new web server which prompts the user to select whether to send an information update or not. As our Nikto scan is run in non-interactive fashion, it won't take any key stroke. Now our script will hang forever.

Would like to know if there is any Nikto config where it can disable "prompt to send info update". Or is there a CLI option to set "No" by default. On the other hand, may a database update resolve this issue?

Thanks,
Peter

*********************************************************************
   Portions of the server's ident string (Apache/2.2.3) are not in
   the Nikto database or is newer than the known string. Would you like
   to submit this information (*no server specific data*) to CIRT.net
   for a Nikto update (or you may email to sullo at cirt.net) (y/n)?

From csullo at gmail.com Sun Jul 10 21:34:26 2011
From: csullo at gmail.com (Sullo)
Date: Sun, 10 Jul 2011 22:34:26 -0400
Subject: [Nikto-discuss] How to disable prompt to send database update?
In-Reply-To:
References:
Message-ID:

See nikto.conf--you probably want to use PROMPTS=no. Also, the -ask option has similar effect as the UPDATES value.

# Nikto can submit updated version strings to CIRT.net. It won't do this w/o permission. You should
# send updates because it makes the data better for everyone ;) *NO* server specific information
# such as IP or name is sent, just the relevant version information.
# UPDATES=yes - ask before each submission if it should send
# UPDATES=no - don't ask, don't send
# UPDATES=auto - automatically attempt submission *without prompting*
UPDATES=yes

# Prompt... if set to 'no' you'll never be asked for anything. Good for automation.
#PROMPTS=no

On Sun, Jul 10, 2011 at 8:56 PM, Peter Wang wrote:
> Hi all,
>
> We have an automated wrapper script to run Nikto scan. It has been running
> fine most scenarios. But recently Nikto scan run into a new web server which
> prompt user to select whether to send information update or not. As our
> Nikto scan is run in non-interact fashion, so it won't take any key stroke.
> Now our script will hang forever.
>
> Would like to know if there is any Nikto config where it can disable "prompt
> to send info update". Or is there a CLI option to set "No" by default. In
> other hand, may a database update resolve this issue?
>
> Thanks,
> Peter
>
> *********************************************************************
>    Portions of the server's ident string (Apache/2.2.3) are not in
>    the Nikto database or is newer than the known string. Would you like
>    to submit this information (*no server specific data*) to CIRT.net
>    for a Nikto update (or you may email to sullo at cirt.net) (y/n)?

--
http://www.cirt.net | http://www.osvdb.org/

From bperry.volatile at gmail.com Sun Jul 10 21:41:34 2011
From: bperry.volatile at gmail.com (Brandon Perry)
Date: Sun, 10 Jul 2011 21:41:34 -0500
Subject: [Nikto-discuss] How to disable prompt to send database update?
In-Reply-To:
References:
Message-ID:

If for some reason none of those work, I hacked around this before knowing the real answer like this.

echo "n\r" | nikto ...

Of course this would be supported at all, and could break on a whim.

On Jul 10, 2011 9:34 PM, "Sullo" wrote:

See nikto.conf--you probably want to use PROMPTS=no. Also, the -ask option has similar effect as the UPDATES value.

# Nikto can submit updated version strings to CIRT.net. It won't do this w/o permission. You should
# send updates because it makes the data better for everyone ;) *NO* server specific information
# such as IP or name is sent, just the relevant version information.
# UPDATES=yes - ask before each submission if it should send
# UPDATES=no - don't ask, don't send
# UPDATES=auto - automatically attempt submission *without prompting*
UPDATES=yes

# Prompt... if set to 'no' you'll never be asked for anything. Good for automation.
#PROMPTS=no

On Sun, Jul 10, 2011 at 8:56 PM, Peter Wang wrote:
> Hi all,
>
> We have an aut...

--
http://www.cirt.net | http://www.osvdb.org/

From bperry.volatile at gmail.com Sun Jul 10 21:42:40 2011
From: bperry.volatile at gmail.com (Brandon Perry)
Date: Sun, 10 Jul 2011 21:42:40 -0500
Subject: [Nikto-discuss] How to disable prompt to send database update?
In-Reply-To:
References:
Message-ID:

Wouldn't***

On Jul 10, 2011 9:41 PM, "Brandon Perry" wrote:

If for some reason none of those work, I hacked around this before knowing the real answer like this.

echo "n\r" | nikto ...

Of course this would be supported at all, and could break on a whim.

> On Jul 10, 2011 9:34 PM, "Sullo" wrote:
>
> See nikto.conf--you probably wan...
>
> On Sun, Jul 10, 2011 at 8:56 PM, Peter Wang wrote:
> > Hi all,
> >
> > We have an aut...

From jabra at spl0it.org Mon Jul 11 21:37:00 2011
From: jabra at spl0it.org (Joshua Abraham)
Date: Mon, 11 Jul 2011 22:37:00 -0400
Subject: [Nikto-discuss] How to disable prompt to send database update?
In-Reply-To:
References:
Message-ID:

yes no | ./nikto [options]

hehe.

On Sun, Jul 10, 2011 at 10:42 PM, Brandon Perry wrote:
> Wouldn't***
>
> On Jul 10, 2011 9:41 PM, "Brandon Perry" wrote:
>
> If for some reason none of those work, I hacked around this before knowing
> the real answer like this.
>
> echo "n\r" | nikto ...
>
> Of course this would be supported at all, and could break on a whim.
>
>> On Jul 10, 2011 9:34 PM, "Sullo" wrote:
>>
>> See nikto.conf--you probably wan...
>>
>> On Sun, Jul 10, 2011 at 8:56 PM, Peter Wang wrote:
>> > Hi all,
>> >
>> > We have an aut...

From resident.deity at gmail.com Thu Jul 21 17:30:57 2011
From: resident.deity at gmail.com (a)
Date: Thu, 21 Jul 2011 23:30:57 +0100
Subject: [Nikto-discuss] multi port, multi server scanning
In-Reply-To: <835161B3-8E03-466A-9ABB-EC8E10210AA8@gmail.com>
References: <0B3C441220CB76478711EA030584A61BDB32072F86@JIF.infogressive.local> <835161B3-8E03-466A-9ABB-EC8E10210AA8@gmail.com>
Message-ID:

On 2 July 2011 13:15, Sullo wrote:
> You
> can try using the nocache option to reduce the amount of data stored, but
> you might be better off trying to break up the scan into smaller chunks.

I think that this will be your problem; for some strange reason we keep the cache throughout the lifetime of the scan, even though we use the target details to key on the cache. The only advantage to doing this is if you repeat scan a server within the same instance of Nikto, which is unlikely.

I've raised this as bug #219. For now you can work around this by disabling the cache by using -nocache.
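
Added example, not part of the original thread and not code from the Nikto project: a wrapper that combines the two pieces of advice above, scanning a long target list in small chunks with -nocache (the multi-server thread) and running without prompts via -ask no plus a hard timeout (the update-prompt thread). The variable and function names, the chunk size and the time limit are assumptions made for this example; it expects coreutils `split` and `timeout` and a targets file with one host or host:port per line.

```shell
#!/bin/sh
# Added example, not code from the thread or from the Nikto project.
# Assumptions: the targets file holds one host or host:port per line, and
# coreutils `split` and `timeout` are installed. NIKTO_BIN, CHUNK_SIZE,
# MAX_SECS and the function names are made up for this example.

NIKTO_BIN="${NIKTO_BIN:-nikto}"
CHUNK_SIZE="${CHUNK_SIZE:-10}"   # below the ~15 hosts where the scan quit
MAX_SECS="${MAX_SECS:-7200}"     # per-chunk limit so the wrapper cannot hang

# Split the target list into files of CHUNK_SIZE lines (chunk.aa, chunk.ab, ...).
chunk_targets() {
  targets="$1"; workdir="$2"
  mkdir -p "$workdir"
  # Drop blank lines and comments so they do not count towards a chunk.
  grep -Ev '^[[:space:]]*(#|$)' "$targets" |
    split -l "$CHUNK_SIZE" - "$workdir/chunk."
}

# Scan one chunk in its own Nikto process, so memory is freed when it exits.
scan_chunk() {
  chunk="$1"; report="$2"
  # -nocache : the workaround for cache growth given in the thread
  # -ask no  : never prompt about submitting version strings
  # </dev/null: a prompt that still appears reads EOF instead of a terminal
  timeout "$MAX_SECS" "$NIKTO_BIN" -host "$chunk" -nocache -ask no \
    -output "$report" </dev/null
}

# Scan every chunk in turn; return how many chunks failed or timed out.
scan_all() {
  targets="$1"; workdir="$2"; failed=0
  chunk_targets "$targets" "$workdir"
  for chunk in "$workdir"/chunk.*; do
    [ -f "$chunk" ] || continue   # empty target list: the glob matched nothing
    if ! scan_chunk "$chunk" "$workdir/report.${chunk##*.}.txt"; then
      echo "chunk failed or timed out: $chunk" >&2
      failed=$((failed + 1))
    fi
  done
  return "$failed"
}

# Run only when given arguments: sh nikto_chunks.sh targets.txt workdir
if [ "$#" -ge 2 ]; then
  scan_all "$1" "$2"
fi
```

A non-zero exit status is the number of chunks to re-run; the chunk files stay in the work directory so a failed chunk can be repeated on its own.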